Insider Threat Matrix™

  • ID: PV012
  • Created: 01st June 2024
  • Updated: 01st June 2024
  • Contributor: The ITM Team

End-User Security Awareness Training

Mandatory security awareness training for employees can help them to recognize a range of cyber attacks that they can play a part in preventing or detecting. This can include topics such as phishing, social engineering, and data classification, amongst others.

Sections

ID Name Description

IF011  Providing Access to an Unauthorized Third Party

A subject intentionally provides system or data access to a third party that is not authorized to access it.

ME005  Removable Media

A subject can mount and write to removable media.

MT015  Recklessness

The subject does not have a threatening motive. However, the subject undertakes actions without due care and attention to the outcome, which causes an infringement.

PR022  Social Engineering (Outbound)

A subject deceptively manipulates and/or persuades others in order to gain access to devices, systems or services that hold sensitive information, or to otherwise cause harm or undermine a target organization.

IF017  Excessive Personal Use

A subject uses organizational resources, such as internet access, email, or work devices, for personal activities both during and outside work hours, exceeding reasonable personal use. This leads to reduced productivity, increased security risks, and the potential mixing of personal and organizational data, ultimately affecting the organization's efficiency and overall security.

IF002.005  Exfiltration via Physical Documents

A subject transports physical documents outside of the control of the organization.

ME005.001  USB Mass Storage

A subject can mount and write to a USB mass storage device.

ME005.002  SD Cards

A subject can mount and write to an SD card, either directly from the system or through a USB connector.

ME005.003  Disc Media

A subject can mount and write to disc media, including CD-R, DVD and Blu-ray discs.

ME006.001  Webmail

A subject can access personal webmail services in a browser.

ME006.002  Cloud Storage

A subject can access personal cloud storage in a browser.

ME006.003  Inappropriate Websites

A subject can access websites containing inappropriate content.

ME006.004  Note-Taking Websites

A subject can access external note-taking websites (such as Evernote).

ME006.005  Messenger Services

A subject can access external messenger web applications with the ability to transmit data and/or files.

MT012.001  Social Engineering (Inbound)

A third party deceptively manipulates and/or persuades a subject to divulge information, to grant access to devices or systems, or to otherwise cause harm or undermine a target organization.

ME006.007  Text Storage Websites

A subject can access external text storage websites, such as Pastebin.