Start the process of implementing insider threat controls in your organization by classifying critical information by confidentiality, integrity and availability with associated impact ratings. NIST SP 800-60
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
Now that your data has been defined and classified by CIA rating, identify system boundaries. Boundaries should include systems, data flow, networks, people and hard copy printouts.
INSIDER THREAT MANAGEMENT GUIDE
Introduction: Insider threat management guide
Baseline management and control
Implementation of baseline control
Risk management audit
Risk management references
This was first published in August 2006