The Insider Risk Mitigation Framework will ensure proportionate spending on any measures posed and make the cost benefit argument to support recommendations for security. It will also support organisational security development through the best use of insider risk mitigation methods to further mature a protective security stance.
Board Engagement & Governance
Positive and visible Board level support for, and engagement with, protective security is vital to demonstrate to staff the value placed on security and the insider threat strategy.
Insider Threat Practitioners & Stakeholders
Insider Threat Practitioners and Stakeholders will need to be engaged across business areas to provide specialist insight and ensure a successful implementation of a working Insider Threat Programme.
Role Based Security Risk Assessment
Understanding what security risks your organisation faces is essential for developing appropriate and proportionate security mitigation measures within the insider threat programme.
An insider threat programme should integrate effectively with the organisation’s overall communications’ strategy.
A good security culture in your organisation is an essential component of a robust protective security regime and helps to mitigate against insider threats and external people threats.
The Insider Threat programme should be continuously reviewed to measure the effectiveness of any resources used and that it correctly reflects the current threats and vulnerabilities in your organisation.