
ACSC ISM & DISP

GuardWare INSIGHT helps organisations conform to ACSC ISM and DISP

Helps to ensure proper handling of defence-labelled information

Information marked Official: Sensitive and Protected has strong security considerations. GuardWare INSIGHT helps to enforce these security requirements and ensure sensitive data is not mishandled.

Helps to establish a trusted insider program in line with the ACSC Information Security Manual (ISM) and DISP

Risk from users (trusted insiders), whether due to human error or malicious insider activity, is a growing concern in defence. Programs like DISP (Defence Industry Security Program) now require defence suppliers to have a mandatory Trusted Insider management program, which requires companies to monitor user access (and user actions) when dealing with sensitive data. The Australian Cyber Security Centre (ACSC) lists, in the latest iteration of its ISM (Information Security Manual), the types of security controls that organisations should adopt to mitigate risk from trusted insiders. The following extract from the ISM sets out the requirements of a Trusted Insider Program.

Trusted insider program

As a trusted insider’s system access and knowledge of business processes often makes them harder to detect, establishing and maintaining a trusted insider program can assist an organisation to detect and respond to trusted insider threats before they occur, or limit damage if they do occur. In doing so, an organisation will likely obtain the most benefit by logging and analysing the following user activities:

  1. excessive copying or modification of files
  2. unauthorised or excessive use of removable media
  3. connecting devices capable of data storage to systems
  4. unusual system usage outside of normal business hours
  5. excessive data access or printing compared to their peers
  6. data transfers to unauthorised cloud services or webmail
  7. use of unauthorised Virtual Private Networks, file transfer applications or anonymity networks.

Control: ISM-1625; Revision: 1; Updated: Dec-22; Applicability: All; Essential Eight: N/A
A trusted insider program is developed, implemented and maintained.
Control: ISM-1626; Revision: 0; Updated: Nov-20; Applicability: All; Essential Eight: N/A
Legal advice is sought regarding the development and implementation of a trusted insider program.
Reference: ACSC Information Security Manual.

GuardWare INSIGHT software offers a one-stop solution to the data security, trusted insider, and compliance requirements of defence suppliers. It is regarded as a people-centric security solution that can help companies establish a trusted insider program and implement the controls suggested above. It does this through a simple, three-step approach:

01
Classify Sensitive Data

Discovers and classifies files containing ITAR, CUI, defence classified data, tender information and intellectual property.

02
Monitor its usage

Monitors all movements and user interactions with sensitive data, using specified rules and artificial intelligence.

03
Alerts when at risk

Provides clear reports on data risks, identifying who accessed it, the actions performed on it, how it was shared, and alerts in case of breaches.