That's why you frequently deploy moles who try to get away with something (e.g, with writing a password on a post-it), and seriously reprimand persons who do not report that.
All your personnel must be paranoid; you cannot get there with only the real break-in/data theft attempts, as those are too rare.
Also, you regularly shift the roles, turning an operator into a watcher and vice versa.
Finally, you cannot have someone teamed up with the same person for weeks, because they might befriend each other and start to let things slip.
All your personnel must be paranoid; you cannot get there with only the real break-in/data theft attempts, as those are too rare.
Also, you regularly shift the roles, turning an operator into a watcher and vice versa.
Finally, you cannot have someone teamed up with the same person for weeks, because they might befriend each other and start to let things slip.