posted on 2016-12-01, 00:00authored byGeorge J Silowash, Derrick Spooner, Daniel L. Costa, Michael Abrethsen
This technical note explores free and low cost technical solutions to help organizations prevent, detect, and respond to malicious insiders. The tools presented address the needs of organizations to have, at a minimum, user activity monitoring, data loss prevention, security information and event management, analytics, and a digital forensics and investigation capability. Implementing tools in all of these categories will help an organization have a successful insider threat program.