Financial Industry Regulatory Authority
Insider Threats Effective Controls and Practices
Pages: 12
Time to read: 23 mins
Publication
Language: English
This guide addresses insider threats and outlines effective controls and practices for firms to manage these risks. It updates previous guidance from FINRA's 2018 Report on Selected Cybersecurity Practices. The document identifies factors contributing to insider threat risks and provides strategies for member firms to identify, prevent, detect, and respond to such threats. It discusses the importance of executive leadership in managing insider threats and emphasizes the need for robust identity access management and user entitlements processes. The guide also highlights the significance of privileged user controls and the necessity for firms to implement comprehensive policies regarding user access, passwords, and monitoring of privileged users. Additionally, it includes appendices with a glossary of terms and references to relevant FINRA publications. The document does not create new legal requirements but suggests practices firms may consider for compliance with existing regulations.