Today’s retailers face a variety of security risks, not least of which is the insider threat of cyber crime committed by employees or temporary staff. In fact, according to Kroll’s most recent Global Fraud & Risk Report, insider or employee data theft is the second-most common type of cyber incident in the retail environment. So we know about the danger—but what are the best ways to protect against those insider threats?
In an article for the latest issue of LPM Online, Contributing Writer Garett Seivold looks closely at ten methods of insider threat protection shared by Dawn Cappelli, CISSP, formerly of the CERT Insider Threat Center at the Software Engineering Institute at Carnegie Mellon University, in a 2012 presentation to the annual RSA Conference on information security. From the article:
1. Learn from the Past for Future Protection
Large companies especially must ensure that they are implementing lessons Dawn Cappelli learned from insider network attacks. Cappelli said she’s often seen such companies repeatedly suffer the same insider crimes. “When you have an attack, implement controls to catch it next time,” she advised. She said some companies help improve the odds that solutions are implemented companywide by using a formal team with a specific responsibility to examine past incidents as they occur and to roll out fixes.
Read the full article, “10 Helpful Approaches to Prevent Insider Cyber Crime,” to discover other ways that could help retailers today in their battle against internal network attacks.
If you’ve missed any of our previous LPM Online editions, go to the Archives page at the end of the edition to see what you’ve missed. Be sure to be an LPM digital subscriber so you are the first to know when new issues are available. If you haven’t already, sign up on the SUBSCRIBE NOW link. It’s totally free. (Note: if you’re already subscribed, the previous link will take you to the current issue of the print magazine.)