Baixe o app para aproveitar ainda mais
Prévia do material em texto
Insider Threat RACIQ Matrix Id en tf y R I A C R I I C I R C A C I A I R I A R R C R I Q A Q R C C I Identify/Create Governance Matrix A R Q C R Q A R C I R P r o t e c t Facilitate audits and regulatory reviews I R A C Q I Employee Training C A R R C Q Q R R I I A A C R I R Q R I A I A R C R Buddy System Q A I R C “Maker-Checker” Accountability System Q I C A Log how many threats breached the system. A R R C I D e t e c t High Interaction honeypot A R R Q Establish a series of threat indicators to benchmark normal vs. abnormal behaviors Determine each asset’s classification, criticality and probability of attack. Clearly define Employee ID Access Levels, and the types of assets associated with them. Rollout weekly personality questionnaires by department through log-in screens. Analyze the aggregate of negative responses by department to prioritize efforts in improving employee morale and productivity. Merge analysis with the knowledge assessment data collected in Protect Contract a third party human resource hotline for disgruntled employees to contact if needed. Systems Protection (Scripts, I/o Ports, OS, Browsers,Salt Cryptography). Implement more in depth background checks. Keep a log of employees. Give security employees with tenure access to higher priority IP and assets. Be ha vio ra l A na lys t IS O Cy be r T hr ea t A na lys t Cy be rse cu rit y A na lys t Co mp lia nc e A na lys t SO C IT R isk An aly st IT D ep ar tm en t PR D ep ar tm en t Le ga l C ou ns el Th ird Pa rty C on su lt HR D ire cto r CI O Responsible Accountable Consulted Informed Quality Reviewer D e t e c t Periodic background checks A C Q R Psychological Profiling & vulnerabilities scans R A R C Event Correlation (Automated & Real-time) I R R A Dual Access Verification C Q A R Log, monitor, and audit employee on-line actions. C Q R R I A R I R I R Q A R R R R C A C R R Q A I Analyze network traffic through the previous year’s data on that day to understand behavioral anomalies Implement means through which personnel can report suspicious insider behavior. Establish mechanisms through which customers may report fraudulent or suspicious transactions. SecurIT RACIQ Matrix
Compartilhar