Insider Threat Program – Basic Structure

Quote

Governance of an Insider Threat Program

A mature governance structure is essential to effectively develop, deploy, and manage an insider threat program. The CERT Insider Threat Center recommends that the organization implement a governance structure that enables the insider threat program to

  •  Maintain an updated knowledge base related to insider threats including staying current with the latest research and capturing lessons learned.
  • · Provide support to the insider threat program stakeholders to ensure the groups are meeting their objectives, providing the appropriate inputs to the insider threat program manager and appropriately communicating results and decisions to other insider threat program stakeholders.
  • · Monitor governance practices to ensure that governing bodies are meeting insider threat program needs, to make recommendations for improvement, and to refine the measures as needed.
  • · Capture and communicate insider threat program success stories to internal and external stakeholders to increase program support.
  • · Execute a comprehensive program-risk-management approach and required procedures for insider threat program stakeholders.
  • · Perform processes including budgetary review, the development of future technical requirements, continuous operation procedures, and risk management.
  • · When applicable, facilitate both formal and informal Continuous Diagnostic Monitoring (CDM) governance training for the CDM program staff, departments and/or agencies (D/As), partners, and stakeholders.
  • · Maintain and execute the program schedule for updating charter guidance, procedures, and policies based on ongoing lessons learned (both internally and externally), best practices, and stakeholder input.

Common Sense Guide to Mitigating Insider Threats, Fifth Edition, The CERT Insider Threat Center, Software Engineering Institute at Carnegie Mellon University ( http://www.sei.cmu.edu), December 2016
TECHNICAL NOTE: CMU/SEI-2015-TR-010

Securing Credit and Identity After the Equifax Breach

Amazon.com

Step 1: Read this article –>How I Learned to Stop Worrying and Embrace the Security Freeze

Step 2: Place a freeze on social security numbers of all family members. Note: A freeze cannot be placed on minors through online portals. Most agencies offer snail-mail options for minors.

Step 3: Place all account IDs, passwords and PIN numbers in a safe place! Applying for credit in the future will require contacting the agency and removing the freeze, temporarily or permanently.

Link

Has anyone succeeded in erasing someone’s memory? by Gagan Bir Singh https://www.quora.com/Has-anyone-succeeded-in-erasing-someones-memory/answer/Gagan-Bir-Singh?share=d15154d6&srid=zRYF

The possibilities for abuse are massive and terrifying.