last sync: 2024-Oct-10 19:12:06 UTC

Implement an insider threat program | Regulatory Compliance - Documentation

Azure BuiltIn Policy definition

Source Azure Portal
Display name Implement an insider threat program
Id 35de8462-03ff-45b3-5746-9d4603c74c56
Version 1.1.0
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Description CMA_C1751 - Implement an insider threat program
Additional metadata Name/Id: CMA_C1751 / CMA_C1751
Category: Documentation
Title: Implement an insider threat program
Ownership: Customer
Description: The customer is responsible for implementing an insider threat program that includes a cross-discipline insider threat incident handling team.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default: Manual
Effect Allowed: Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 5 compliance controls are associated with this Policy definition 'Implement an insider threat program' (35de8462-03ff-45b3-5746-9d4603c74c56)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
hipaa 1302.02e2Organizational.134-02.e hipaa-1302.02e2Organizational.134-02.e 1302.02e2Organizational.134-02.e 13 Education, Training and Awareness 1302.02e2Organizational.134-02.e 02.03 During Employment Shared n/a Dedicated security and privacy awareness training is developed as part of the organization's onboarding program, is documented and tracked, and includes the recognition and reporting of potential indicators of an insider threat. 19
hipaa 1507.11a1Organizational.4-11.a hipaa-1507.11a1Organizational.4-11.a 1507.11a1Organizational.4-11.a 15 Incident Management 1507.11a1Organizational.4-11.a 11.01 Reporting Information Security Incidents and Weaknesses Shared n/a The organization has implemented an insider threat program that includes a cross-discipline insider threat incident handling team. 3
hipaa 1525.11a1Organizational.6-11.a hipaa-1525.11a1Organizational.6-11.a 1525.11a1Organizational.6-11.a 15 Incident Management 1525.11a1Organizational.6-11.a 11.01 Reporting Information Security Incidents and Weaknesses Shared n/a The organization takes disciplinary action against workforce members that fail to cooperate with federal and state investigations. 6
NIST_SP_800-171_R2_3 .2.3 NIST_SP_800-171_R2_3.2.3 NIST SP 800-171 R2 3.2.3 Awareness and Training Provide security awareness training on recognizing and reporting potential indicators of insider threat. Shared Microsoft and the customer share responsibilities for implementing this requirement. Potential indicators and possible precursors of insider threat include behaviors such as: inordinate, long-term job dissatisfaction; attempts to gain access to information that is not required for job performance; unexplained access to financial resources; bullying or sexual harassment of fellow employees; workplace violence; and other serious violations of the policies, procedures, directives, rules, or practices of organizations. Security awareness training includes how to communicate employee and management concerns regarding potential indicators of insider threat through appropriate organizational channels in accordance with established organizational policies and procedures. Organizations may consider tailoring insider threat awareness topics to the role (e.g., training for managers may be focused on specific changes in behavior of team members, while training for employees may be focused on more general observations). link 2
PCI_DSS_v4.0 12.6.3.1 PCI_DSS_v4.0_12.6.3.1 PCI DSS v4.0 12.6.3.1 Requirement 12: Support Information Security with Organizational Policies and Programs Security awareness education is an ongoing activity Shared n/a Security awareness training includes awareness of threats and vulnerabilities that could impact the security of the CDE, including but not limited to: • Phishing and related attacks. • Social engineering. link 3
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-171 Rev. 2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance GA BuiltIn
PCI DSS v4 c676748e-3af9-4e22-bc28-50feed564afb Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add 35de8462-03ff-45b3-5746-9d4603c74c56