SB195 Completes policy attestation
Most organizations today have multiple compliance requirements and contractual obligations that require all employees to attest that policies and procedures have been read and acknowledged. An attestation is a way to confirm, witness, validate or authenticate that an employee has received up to date and accurate information or training concerning company policies that he or she will be required to perform.
Why is it important?
Understanding security policies increases awareness and understanding of relevant protocol when dealing with threats actors and/or security incidents. Greater awareness of security protocol significantly decreases the risk of a security incident, and enables effective reportage should one occur (which can mitigate exploitation).
Priority Tier
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Risk Mitigated
Account Compromise
Account compromise happens when unauthorised people access them.
Data Leak
A data leak is when data is accidentally or intentionally disclosed to unauthorised people.
Physical Damage
Physical damage is the damage, destruction or theft of devices and other hardware.
Personal Exposure
Personal exposure is the extent to how much someones personal information is available online.
Further reading
https://wires.onlinelibrary.wiley.com/doi/abs/10.1002/wics.106 https://www.onetrust.com/blog/policy-attestation-if-you-cant-measure-it-you-cant-manage-it/