Jim Pelletier, CIA, vice president of Professional and Stakeholder Relations for The IIA, kirjoittaa siitä, mitkä ovat ”4 Simple Steps Internal Auditors Can Take To Mitigate Insider Threats” seuraavasti:
- Least privilege refers to giving users only the access they need to perform their assigned duties.
- Password controls should be simple and straightforward. However, the average person resists investing even minimal brain power on his or her passwords.
- Social engineering relates to a combination of psychological, physiological, and technological techniques that prey upon human emotions to get victims to take some sort of action they otherwise would avoid.
- Patching, particularly security updates, are critical for mitigating known security weak spots.
Lue lisää aiheesta ja aiheeseen liittyvistä raporteista tästä https://bddy.me/2Pehk2Y #IaMagIIA
IIA:n Global Technology Audit Guide löytyy jäsenille tästä Auditing Insider Threat Programs.