1 00:00:00,005 --> 00:00:01,005 - [Narrator] People are often 2 00:00:01,005 --> 00:00:03,009 the weakest link in the security chain, 3 00:00:03,009 --> 00:00:05,006 and personnel security should be 4 00:00:05,006 --> 00:00:07,006 an important part of the foundation 5 00:00:07,006 --> 00:00:10,003 of any cybersecurity program. 6 00:00:10,003 --> 00:00:14,001 It's very important to have strong security policies 7 00:00:14,001 --> 00:00:16,002 that clearly outline expectations 8 00:00:16,002 --> 00:00:19,002 for individual behavior, as well as the consequences 9 00:00:19,002 --> 00:00:22,002 for failing to comply with policy. 10 00:00:22,002 --> 00:00:24,000 Personnel security programs 11 00:00:24,000 --> 00:00:26,003 should be built upon educating employees 12 00:00:26,003 --> 00:00:29,007 about these policies and each employee's role 13 00:00:29,007 --> 00:00:33,001 in protecting the enterprise. 14 00:00:33,001 --> 00:00:35,009 As you build your personnel security program, 15 00:00:35,009 --> 00:00:38,000 you should design explicit procedures 16 00:00:38,000 --> 00:00:41,000 that describe how you will handle violations 17 00:00:41,000 --> 00:00:42,009 of security policy. 18 00:00:42,009 --> 00:00:44,009 This is often a tricky situation 19 00:00:44,009 --> 00:00:48,007 that requires coordination between the cybersecurity team, 20 00:00:48,007 --> 00:00:51,003 managers throughout the organization, 21 00:00:51,003 --> 00:00:55,002 the legal team, and the human resources department. 22 00:00:55,002 --> 00:00:57,004 You should never approach an individual 23 00:00:57,004 --> 00:00:59,004 about a policy violation 24 00:00:59,004 --> 00:01:02,000 without first consulting with management. 25 00:01:02,000 --> 00:01:03,008 You might wind up causing more trouble 26 00:01:03,008 --> 00:01:06,004 than you expected. 27 00:01:06,004 --> 00:01:08,007 One of the specific issues that you should address 28 00:01:08,007 --> 00:01:11,000 is the use of personal resources 29 00:01:11,000 --> 00:01:14,006 on company premises and with corporate data. 30 00:01:14,006 --> 00:01:16,002 You'll want to clearly identify 31 00:01:16,002 --> 00:01:19,002 whether it's appropriate to use personal computers, 32 00:01:19,002 --> 00:01:22,000 personal email or cloud service accounts, 33 00:01:22,000 --> 00:01:25,002 and personal mobile devices for these purposes. 34 00:01:25,002 --> 00:01:27,009 If you do allow the use of personal resources, 35 00:01:27,009 --> 00:01:30,007 you should have procedures for vetting those uses 36 00:01:30,007 --> 00:01:33,003 to ensure that they comply with security policies 37 00:01:33,003 --> 00:01:36,003 and remain in compliance over time. 38 00:01:36,003 --> 00:01:38,006 You'll also need to arm your staff 39 00:01:38,006 --> 00:01:41,001 with the knowledge that they need to protect themselves 40 00:01:41,001 --> 00:01:44,003 against both technical and non-technical risks, 41 00:01:44,003 --> 00:01:47,000 including social engineering attempts. 42 00:01:47,000 --> 00:01:49,003 Education is the best preventative tool 43 00:01:49,003 --> 00:01:54,001 to protect you team from falling victim to these attacks. 44 00:01:54,001 --> 00:01:55,009 Finally, you have to remember 45 00:01:55,009 --> 00:01:57,009 that not every employee has 46 00:01:57,009 --> 00:02:00,008 your organization's best interests at heart. 47 00:02:00,008 --> 00:02:03,002 Insider attacks are a source of many 48 00:02:03,002 --> 00:02:05,007 very damaging security breaches. 49 00:02:05,007 --> 00:02:08,001 When someone violates your trust, 50 00:02:08,001 --> 00:02:10,007 the impact can be devastating. 51 00:02:10,007 --> 00:02:12,007 Verizon recently released a report 52 00:02:12,007 --> 00:02:16,000 analyzing a year's worth of data breaches around the world, 53 00:02:16,000 --> 00:02:18,009 and they found that a quarter of all security breaches 54 00:02:18,009 --> 00:02:22,003 were the result of an insider threat. 55 00:02:22,003 --> 00:02:25,009 You can protect your organization from the insider threat. 56 00:02:25,009 --> 00:02:28,000 Here are a few ways you can do that. 57 00:02:28,000 --> 00:02:30,008 First, you can perform strong and consistent 58 00:02:30,008 --> 00:02:32,009 background checks of new employees. 59 00:02:32,009 --> 00:02:35,008 I'll talk more about those later in this course. 60 00:02:35,008 --> 00:02:40,006 Second, you can implement careful monitoring processes. 61 00:02:40,006 --> 00:02:42,005 Third, you can provide managers 62 00:02:42,005 --> 00:02:44,006 with training to help them identify 63 00:02:44,006 --> 00:02:46,009 disgruntled employees and intervene 64 00:02:46,009 --> 00:02:48,009 before something bad happens. 65 00:02:48,009 --> 00:02:52,007 Finally, you can deploy data loss prevention technology 66 00:02:52,007 --> 00:02:56,008 that watches for unauthorized data exfiltration. 67 00:02:56,008 --> 00:02:59,000 Protecting against personnel security threats 68 00:02:59,000 --> 00:03:02,002 can be very tricky, but it is an important component 69 00:03:02,002 --> 00:03:04,000 of any security program.