Hi all,
I would like to do an assessment on our control environment to mitigate risk associated with insider threats.
Can someone recommend a control framework to use for this or have a template they are willing to share?
Thanks
Hello friend,
I am unsure if what I studied for five years regarding the Insider Threat/Insider Risk will be exactly what you are seeking, yet here goes. A 'framework' like NIST 800-53 specifies controls that are not always technical controls . . .
My dissertation is not about specific (technical) controls. The focus question is roughly, "out of the hundreds of recommendations for 'Running' an INTP (Insider Threat Program), which are the best practices for 'Starting/Establishing' a New INTP?" The research came up with a list of 11 controls that were most recommended (by weight) by the professionals who were interviewed during the research phase.
Let me know if you'd like to see it.
And, I would love to work in the Insider Risk/Threat arena. Have applied for dozens of openings in INTP . . . yet, I am not considered 'good enough,' for whatever strange reason.
Dr. J.F.-B., DCS, CCISO, CISSP,
MSIA, MCSA, ITIL (ad infinitum, ad nauseam)