Prepare a short --talking points-- paper in which you identify and dis.docx
- 1. Prepare a short "talking points" paper in which you identify and discuss 3 types of insider threats which can be mitigated using an Identity Governance & Administration solution. Your "talking points" should be 3 to 5 paragraphs long. Your audience is a group of managers (technical and non-technical) who are participating in a conference on reducing risks associated with insider threats. Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your article. Solution 3 types of insider threats are: 1) IT Sabotage: an insider’s use of IT to direct specific harm at an organization or an individual.Following are examples of IT sabotage: Statisticaly it has been noticed that who commit this type of crime among them 86% held techncal position.90% of the insider had administrator or privilege access at their organization. remedy: Using a technique called systems dynamics modeling, we were able to understand how insiders commit IT sabotage, model how the crime tend to evolve over time.Here is how susceptibility to IT sabotage can be reduced: There are other reasons also. 2)Theft of IP: an insider’s use of IT to steal IP from the organization. This category includes industrial espionage involving outsiders. It can be resolved using copyright and some software is also there
- 2. 3) Fraud: an insider’s use of IT for the unauthorized modification, addition, or deletion of an organization’s data (not programs or systems) for personal gain, or theft of information that leads to an identity crime (e.g., identity theft or credit card fraud) Remedy: Not to disclose PIN of your cards. dont write it or save it in mobile. Only remember it Protective Measure: Most organizations find it impractical to implement 100 percent protection from every threat to every organizational resource. Instead, they should expend their security efforts commensurately with the criticality of the information or other resource being protected. A realistic and achievable security goal is to protect from both external and internal threats those assets deemed critical to the organization’s mission. Organizations must carefully determine the likelihood and potential impact of an insider attack on each of their assets .