Best Practices To Fight Insider Threats

Question

What are the Best Practices To Fight Insider Threats?

Appsian-security, 2020-12-11T17:22:38+00:00

Answer ( 1 )

  1. Know when you are under attack and when you are not. Visibility is essential. On a monthly basis, perform threat hunting. Make sure that you collect and archive all the details about your surroundings for at least 30 days. To create a window into what is occurring or has occurred, using data and analytics is key.
  2. Don’t try to turn off all your servers; don’t have a knee-jerk reaction. Find out what it is they do. You have to sit and watch them and map out their tasks.
  3. Take communication offline or on a different channel. The chances are that the messages are tracked by attackers.
  4. Build a separate war room. On compromised hardware, you can do physical forensics here. Make sure that the space is separate and monitored, too. It’s necessary to document the entire activity.
  5. Micro-segmentation divides the data center into different segments of protection, which are then allocated specific controls and services.
  6. Legally cover the bases. It is important to log all activities for analysis and to have an audit trail as well.
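
The 30-day archive recommended in point 1 only supports a monthly hunt if every log source really reaches back that far without silent stretches. The following is an added example, not part of the answer above, that audits an archive for both conditions. The source names, the 24-hour silence threshold and the sample timestamps are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(days=30)        # retention floor stated in the answer
MAX_SILENCE = timedelta(hours=24)  # assumption: longer silence = collection gap

def audit_coverage(archive, now, window=WINDOW, max_silence=MAX_SILENCE):
    """Map each under-covered source to its findings.

    archive: {source name: [timezone-aware datetimes of archived events]}
    """
    start = now - window
    report = {}
    for source, stamps in archive.items():
        stamps = sorted(t for t in stamps if t <= now)
        if not stamps:
            report[source] = [("no_data",)]
            continue
        findings = []
        # Retention: the oldest archived event must reach back to the window start.
        if stamps[0] > start:
            findings.append(("short_retention", stamps[0]))
        # Continuity: walk the covered part of the window and flag long silences.
        begin = max(start, stamps[0])
        points = [begin] + [t for t in stamps if t > begin] + [now]
        for prev, cur in zip(points, points[1:]):
            if cur - prev > max_silence:
                findings.append(("silent", prev, cur))
        if findings:
            report[source] = findings
    return report

def sample_archive(now):
    """Constructed data: event timestamps for four hypothetical sources."""
    def every(hours, days_back, skip=None):
        out = []
        for h in range(0, days_back * 24 + 1, hours):
            t = now - timedelta(hours=h)
            if skip and skip[0] < t < skip[1]:
                continue
            out.append(t)
        return out
    hole = (now - timedelta(days=10), now - timedelta(days=7))
    return {
        "vpn": every(1, 35),                    # full coverage
        "badge": every(12, 35),                 # sparse but continuous
        "fileserver": every(1, 35, skip=hole),  # collector down for 3 days
        "hr_app": every(1, 12),                 # only 12 days archived
    }

if __name__ == "__main__":
    now = datetime(2020, 12, 11, tzinfo=timezone.utc)
    for source, findings in audit_coverage(sample_archive(now), now).items():
        print(source, findings)
```

A source flagged `silent` or `short_retention` marks a period in which a hunt cannot distinguish "nothing happened" from "nothing was recorded".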
