1

Implementation of Insider Threat Program

Student’s Name

Institution Affiliation

Course Number and Name

Professor’s Name and Title

Date
 2

Problem Summary

Insider threat protection is a duty that every other company should follow to minimize the

risks incurred if a piece of information leaked out or when an internal threat like the employer's

change of behaviors happens. These factors might affect any corporation at any given moment;

thus, people should be very keen on them, following a case study of an employee at XYZ Inc.

who used to grab information from the incorporation and its supported company. The

management found out that companies and firms are prone to leakages of information and

essential business details, which should be dealt with appropriately. XYZ Inc. is a medium

company that focuses on launching new applications for other businesses, knew that for sure, if

any of their information leaked, then their business is done. The competitors would have an

advantage over them.

IT solution

Companies must have their way of securing data. Thus, in the field of Information

Technology (IT), there have been strategies to be able to manage all these data and should be

used as a pillar of comfort. Many companies depend on technology only to address the problem

and struggle to execute a program. Any technology is only as good as the way it is incorporated

and utilized. It is essential to consider what security risks look like to protect the company from

insider attacks (Mohammed et al., 2020). The two significant types of insider attacks are Turn

cloaks and pawns, manipulative insiders, and reluctant actors. The Tun cloaks are used on the

inside to rob data. In many instances, it is a worker or contractor to someone that is meant to still

be on the system and has legal authorization, but who misuses their connection for fun or

benefits. We have even seen kinds of motivations that motivate this kind of behavior where

are somewhat as serious as leaking info to other nations others as plain as bringing a few papers
 3

to a rival on termination. A pawn is simply a typical employee, or a do good who commits an

error manipulated by a bad guy or somehow leads to a loss of data or breach.

Implementation Plan

The implementation plan includes the examination of personal information on

consumers. Train workers to spot and track insider attacks. Establish structures to evaluate and

exchange insider vulnerability information. Other measures to encourage insider threat initiatives

include the research of existing programs and creating an insider threat strategy in a public-

private partnership. Honesty is key to creating a stable society that values protection. Employees

should recognize that the management will automatically implement the software and without

rights or deviations. They should fully comprehend how well the curriculum is structured to

increase their success while protecting firms. Enforce accurate surveillance, cyber resilience

solutions: actual management, preparedness, and prevention technology must constantly be

operating, offering historical context and maximum awareness to all data operations (Mills et al.,

2018). The insider danger team to quickly and efficiently see the whole description to secure all

data at all times.

Review of other Work

As per the 2015 Intel Protection survey, insider malicious hackers were liable for 43% of

incidents, divided similarly between deliberate and accidental actors. Therefore, this malicious

attack is described as the worst problem over the past five years by the IBM X-Force 2016 Cyber

Security Intelligence Index. Such figures are sufficiently disturbing, but individuals do not give

enough information. Mainly because amongst active attacks by outcasts, nearly all of them have

at least some insider threat portion.

Relation of Artifacts to Project Development

 4

IT must reflect on both the program service life and how everything lines up with even

the server anticipated life and the accounts on a scheduled and unexpected scale. Fully

understanding the combination of the entity hardware and software framework is by far the most

critical part of server updates, but getting continuity in place is often more critical (Michael &

Eloff, 2020). Security and data transition are big problems that any company needs to contend

with, but it might not create far more frustrations if handled with quite an incredible work ethic.

In conjunction, plan downtime to finish the update and decide how soon the server would be

inactive. It would take just Twenty Four to Seventy Two hours to start a unique RAID

community using a 1TB/2TB/3TB hard drive to ensure that workers will be reachable over that

duration. Often guarantee that vendor assistance is provided, and compile and evaluate the

operating system documents to eliminate uncertainties.

Current Project Environment

The due project has aimed at projecting the whole era of data protection and safety

precautions. Therefore, the team gathered includes the IT experts, programmers, and managerial

staff to help purchase the necessary accruals and gadgets. The administrative staff will inform

the workers on the presumption dates before the date of the installations and the working date

kick-off. The managerial staff should also ensure that all the workers attend the seminars to teach

about the intended process to teach about the positive side of the program and the wrong side.

This seminar is to enable them to foresee and help them enact the dangers that may occur, either

intended or forced (Reed, 2019). Beneficial factors generally are better to be talked about, and

they are genuine for such programs.

Methodology
 5

The initiative includes the creation of an insider vulnerability program. Creating a

successful and reliable insider threat policy is a validated way to track early insider threat signs,

avoid insider attacks, or minimize their effects (Elifoglu, Abel & Taşseven, 2018). According to

Special Publication of the National Science Foundation, the Insider Danger Program is a

coordinated group of capabilities under standardized interfaces directed to monitor and deter the

unacceptable risk of security breaches. It is referred to as an insider vulnerability detection

software or system (Bilusich et al., 2018). Usually, an insider danger policy requires initiatives to

identify, respond to, remediate, and strengthen cybersecurity knowledge within an enterprise.

Project Goals, Objectives, and Deliverables

The initiative includes the creation of an insider vulnerability program. Creating a

successful and reliable insider threat policy is a validated way to track early insider threat signs,

avoid insider attacks, or minimize their effects. The Insider Danger Program is a "coordinated

group of capabilities under standardized interfaces that are directed to monitor and deter the

inappropriate risk of security breaches," according to Special Publication of the National Science

Foundation. It is sometimes referred to as an insider vulnerability detection software or system

(Bilusich et al., 2018). Usually, an insider danger policy requires initiatives to identify, respond

to, remediate, and strengthen cybersecurity knowledge within an enterprise.

 6

References

BILUSICH, D., CHIM, L., Nunes-Vaz, R., & Lord, S. (2018). There Is No Single Solution To

The ‘Insider’ Problem But There Is A Valuable Way Forward. Southampton: W I T

Press.

Elifoglu, I. H., Abel, I., & Taşseven, Ö. (2018). Minimizing insider threat risk with behavioral

monitoring. Review of Business.

Michael, A., & Eloff, J. (2020). Discovering “Insider IT Sabotage” based on human behaviour.

Information and Computer Security.

Mills, J. U., Dever, J. R., & Stuban, S. M. F. (2018). USING REGRESSION TO PREDICT

POTENTIAL insider threats. Defense AR Journal.

Mohammed Nasser Al-Mhiqani, Ahmad, R., Z, Z. A., Yassin, W., Hassan, A., Karrar, H. A., Ali,

N. S., & Yunos, Z. (2020). A Review of Insider Threat Detection: Classification,

Machine Learning Techniques, Datasets, Open Challenges, and Recommendations.

Applied Sciences.

Reed, T. (2019). You Can’t Always Get What You Want: Employee and Organizational

Responses to Perceived Workplace Injustices and their Relationship to Insider Attacks.