AT-3(4)—Role Based Security Training
PBMM (P2)
Operational
Control Description
SECURITY TRAINING | SUSPICIOUS COMMUNICATIONS AND ANOMALOUS SYSTEM BEHAVIOUR

The organization provides training to its personnel on ⚙organization-defined indicators of malicious code to recognize suspicious communications and anomalous behaviour in organizational information systems.

Supplemental Guidance: A well-trained workforce provides another organizational safeguard that can be employed as part of a defence-in-depth strategy to protect organizations against malicious code coming into organizations via email or web applications. Personnel are trained to look for indications of potentially suspicious email (e.g., receiving an unexpected email, receiving an email containing strange or poor grammar, or receiving an email from an unfamiliar sender who appears to be from a known sponsor or contractor). Personnel are also trained on how to respond to such suspicious email or web communications (e.g., not opening attachments, not clicking on embedded web links, and checking the source of email addresses). For this process to work effectively, all organizational personnel are trained and made aware of what constitutes suspicious communications. Training personnel on how to recognize anomalous behaviours in organizational information systems can potentially provide early warning of the presence of malicious code. Recognition of such anomalous behaviour by organizational personnel can supplement the automated malicious code detection and protection tools and systems employed by organizations.