Motive
Coercion
Curiosity
Espionage
Fear of Reprisals
Hubris
Human Error
Joiner
Lack of Awareness
Leaver
Misapprehension or Delusion
Mover
Personal Gain
Political or Philosophical Beliefs
Recklessness
Resentment
Self Sabotage
Third Party Collusion Motivated by Personal Gain
- ID: MT018
- Created: 29th October 2024
- Updated: 29th October 2024
- Contributor: Matt Barr
Curiosity
A subject, motivated solely by personal curiosity, may take actions that unintentionally cause or risk harm to an organization. For example, they might install unauthorized software to experiment with its features or explore a network-attached storage (NAS) device without proper authorization.
Prevention
| ID | Name | Description |
|---|---|---|
| PV012 | End-User Security Awareness Training | Mandatory security awareness training for employees can help them to recognize a range of cyber attacks that they can play a part in preventing or detecting. This can include topics such as phishing, social engineering, and data classification, amongst others. |
| PV013 | Pre-Employment Background Checks | Background checks should be conducted to ensure whether the information provided by the candidate during the interview process is truthful. This could include employment and educational reference checks, and a criminal background check. Background checks can highlight specific risks, such as a potential for extortion. |