Professional Documents
Culture Documents
Whitepaper Consulting Services en 25apr18 Dae-Web
Whitepaper Consulting Services en 25apr18 Dae-Web
www.forcepoint.com 2
Forcepoint Consulting Services: User and Data Security Programs
Forcepoint’s partnership with the Carnegie Mellon SEI-Authorized Insider Threat Vulnerability Assessors
University Software Engineering Institute (SEI) enables will conduct on-site document reviews, interviews of key
our certified consultants to deliver the SEI-licensed personnel, and observation of critical business processes.
Insider Threat Vulnerability Assessment (ITVA) service. The assessment report documents the key findings of the
SEI developed the ITVA methodology and criteria to help organization’s exposure to insider threats along multiple
organizations assess how prepared they are to prevent, vectors (e.g., technical, behavioral, process, and policy).
detect, and respond to insider threats. It’s based upon SEI’s
analysis of more than 1,300 documented cases in which User and Data Security Program Design
malicious insiders took advantage of process or control
There is no shortage of guidance from regulatory,
weaknesses to negatively impact an organization.
industrial, trade, and government bodies; however, their
best practices are frequently duplicative, not well organized
We provide an unparalleled assessment by combining
for the stages of program development, and difficult
the formal standards of the ITVA with years of program
for program managers to interpret, tailor, and apply.
experience—as well as technical and operational
Additionally, experience-driven guidance is often lacking
expertise—to provide organizations with a detailed
in practical areas of typical, daily program operations.
assessment of their current state of readiness to defend
References relevant to different customers include:
against the insider threat.
Carnegie Mellon University (CMU) Software Engineering
The assessment identifies technical vulnerabilities, Institute (SEI) CERT Insider Threat Center
business process gaps, and inadequate management Federal Financial Institutions Examination Council (FFIEC)
practices. The Insider Threat Vulnerability Assessment
Financial Industry Regulatory Authority (FINRA)
examines practices within, and attributes of:
Institute for Critical Infrastructure Technology (ICIT)
Information technology
Intelligence National Security Alliance (INSA)
Human resources
National Industrial Security Program Operating Manual
Physical security (NISPOM)
Engineering National Infrastructure Advisory Council (NIAC)
www.forcepoint.com 3
Forcepoint Consulting Services: User and Data Security Programs
www.forcepoint.com 4
ABOUT FORCEPOINT
Forcepoint is transforming cybersecurity by focusing on what matters
most: understanding people’s intent as they interact with critical data
and intellectual property wherever it resides. Our uncompromising
systems enable companies to empower employees with unobstructed
access to confidential data while protecting intellectual property and
simplifying compliance. Based in Austin, Texas, Forcepoint supports
more than 20,000 organizations worldwide. For more about Forcepoint,
visit www.forcepoint.com and follow us on Twitter at @ForcepointSec.
CONTACT
www.forcepoint.com/contact
[WHITEPAPER_CONSULTING_SERVICES_EN] 200067.042518