Created December 2, 2022 20:57
mitigating insider threat
The Guide describes 22 best practices for mitigating insider threat based on the CERT Division's continued research and analysis of more than 3,000 insider threat cases.
Best Practices
1. Know and Protect Your Critical Assets
2. Develop a Formalized Insider Risk Management Program (IRMP)
3. Clearly Document and Consistently Enforce Administrative Controls
4. Beginning With the Hiring Process, Monitor and Respond to Suspicious or Disruptive Behavior
5. Anticipate and Manage Negative Issues in the Work Environment
6. Consider Threats From Insiders and Trusted External Entities in Enterprise-Wide Risk Assessments
7. Be Especially Vigilant Regarding Social Media
8. Structure Management and Tasks to Minimize Insider Stress and Mistakes
9. Incorporate Insider Threat Awareness Into Periodic Security Training for All Workforce Members
10. Implement Strict Password and Account Management Policies and Practices
11. Institute Stringent Access Controls and Monitoring Policies on Privileged Users
12. Deploy Solutions for Monitoring Workforce Member Actions and Correlating Information from Multiple Data Sources
13. Monitor and Control Remote Access from All End Points, Including Mobile Devices
14. Establish a Baseline of Normal Behavior for Both Networks and Workforce Members
15. Enforce Separation of Duties and Least Privilege
16. Define Explicit Security Agreements for Cloud Services, Especially Access Restrictions and Monitoring Capabilities
17. Institutionalize System Change Controls
18. Implement Secure Backup and Recovery Processes
19. Mitigate Unauthorized Data Exfiltration
20. Develop a Comprehensive Workforce Member Termination Procedure
21. Adopt Positive Incentives to Align the Workforce and the Organization
22. Learn From Past Insider Threat Incidents
https://insights.sei.cmu.edu/news/new-edition-of-common-sense-guide-to-mitigating-insider-threats-released