This document will outline a new approach to long-term insider incident investigations. The actions taken by the perpetrator of malicious fraud, theft or sabotage are usually complex, fully utilizing technologies and insider knowledge to obfuscate their behaviors and circumvent existing security infrastructure. While this is typically a very small number of insiders, the challenge most enterprises face is that they don’t have detection tools, policy enforcement mechanisms or incident visualization technologies that allow them to detect, monitor and act on serious violations.
Leave a Comment
You must be logged in to post a comment.