ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: IF003
  • Created: 31st May 2024
  • Updated: 22nd September 2024
  • Contributor: The ITM Team

Exfiltration via Media Capture

A subject uses an external device, such as a mobile phone or camera, to record audio, photos, or video to capture media.

Subsections

ID Name Description
IF003.003Exfiltration via Audio Capture

A subject uses an external device, such as a mobile phone or camera, to take record audio containing sensitive information, such as conversations.

IF003.001Exfiltration via Photography

A subject uses a device, such as a mobile phone or camera, to take photos containing sensitive information.

IF003.002Exfiltration via Video Capture

A subject uses an external device, such as a mobile phone or camera, to take video recordings containing sensitive information.

Prevention

ID Name Description
PV016Enforce a Data Classification Policy

A Data Classification Policy establishes a standard for handling data by setting out criteria for how data should be classified and subsequently managed and secured. A classification can be applied to data in such a way that the classification is recorded in the body of the data (such as a footer in a text document) and/or within the metadata of a file.

PV003Enforce an Acceptable Use Policy

An Acceptable Use Policy (AUP) is a set of rules outlining acceptable and unacceptable uses of an organization's computer systems and network resources. It acts as a deterrent to prevent employees from conducting illegitimate activities by clearly defining expectations, reinforcing legal and ethical standards, establishing accountability, specifying consequences for violations, and promoting education and awareness about security risks.

PV009Prohibition of Devices On-site

Certain infringements can be prevented by prohibiting certain devices from being brought on-site.

Detection

ID Name Description
DT033Closed-Circuit Television

CCTV can be used to observe activity within or around a site. This control can help to detect preparation or infringement activities and record it to a video file.

DT029File EXIF Data

EXIF stands for Exchangeable Image File Format and is a standard that governs the formats for images, sound, and ancillary tags used by digital cameras, including those in smartphones and other systems. The essential feature of EXIF is that it embeds the metadata into the image files. It can provide detailed information about an image, including the date and time, camera settings, camera specifications, thumbnails, geographical location information, and orientation.