Join Mike Chapple for an in-depth discussion in this video Employee security, part of CySA+ Cert Prep: 4 Security Governance.
- [Narrator] People are often the weakest link in the security chain, and personnel security should be an important part of the foundation of any cybersecurity program. It's very important to have strong security policies that clearly outline expectations for individual behavior, as well as the consequences for failing to comply with policy. Personnel security programs should be built upon educating employees about these policies and each employee's role in protecting the enterprise.
As you build your personnel security program, you should design explicit procedures that describe how you will handle violations of security policy. This is often a tricky situation that requires coordination between the cybersecurity team, managers throughout the organization, the legal team, and the human resources department. You should never approach an individual about a policy violation without first consulting with management. You might wind up causing more trouble than you expected.
One of the specific issues that you should address is the use of personal resources on company premises and with corporate data. You'll want to clearly identify whether it's appropriate to use personal computers, personal email or cloud service accounts, and personal mobile devices for these purposes. If you do allow the use of personal resources, you should have procedures for vetting those uses to ensure that they comply with security policies and remain in compliance over time. You'll also need to arm your staff with the knowledge that they need to protect themselves against both technical and non-technical risks, including social engineering attempts.
Education is the best preventative tool to protect your team from falling victim to these attacks. Finally, you have to remember that not every employee has your organization's best interests at heart. Insider attacks are a source of many very damaging security breaches. When someone violates your trust, the impact can be devastating. Verizon recently released a report analyzing a year's worth of data breaches around the world, and they found that a quarter of all security breaches were the result of an insider threat.
You can protect your organization from the insider threat. Here are a few ways you can do that. First, you can perform strong and consistent background checks of new employees. I'll talk more about those later in this course. Second, you can implement careful monitoring processes. Third, you can provide managers with training to help them identify disgruntled employees and intervene before something bad happens. Finally, you can deploy data loss prevention technology that watches for unauthorized data exfiltration.
Protecting against personnel security threats can be very tricky, but it is an important component of any security program.
Want more CySA+ test prep tips? Visit certmike.com to join Mike's free study group.