Daffodil International University

IT Help Desk => Cyber Security => Control Cyber security Risks => Topic started by: Monir Hossan on July 03, 2018, 01:35:27 PM

Post by: Monir Hossan on July 03, 2018, 01:35:27 PM

Cyber security is increasingly recognised to be a people issue as much as a technical one. Boards now understand that their own employees may be the weak link in an organisation’s cyber defences. This article provides a self-assessment matrix to help organisations understand how effectively they are mitigating cyber insider risk and thus enable them to embark on a programme of improvement.


Cyber Insiders – a Board Issue (Cyber Security Review, Summer 2014 edition) attracted considerable interest. For many readers the distinctions between cyber insiders who could be “witting or unwitting” and “malicious or non-malicious” were novel. Many had previously been unsighted on CPNI’s excellent insider threat research2 and the evidence that indicated the existence of nine factors at organisational level that enable insider acts to take place. Most readers accepted that the proposed “10 Steps to Cyber Insider Protection” were a valuable approach to addressing the organisational level factors which enable insider acts to take place.

Link: http://www.cybersecurity-review.com/articles/cyber-insider-risk-mitigation-maturity-matrix/