Mimecast Logo
Get a Quote
    Resources
    All topics
    Email and Collaboration Threat Protection
    Insider Risk Management
    Security Awareness Training
    Data Compliance and Governance
    Threat Intelligence
    Ebook
    Insider Risk Management & Data Protection

    Human Risk Management: Playbook for repeat offenders

    Strategies to mitigate risky behaviors and enhance security accountability

    This playbook provides a structured approach to mitigating risks associated with repeat offenders, or users who consistently engage in risky security behaviors despite prior interventions. It outlines strategies to address these behaviors while fostering a culture of accountability and continuous improvement. Learn strategies to protect repeat offenders from sophisticated threats. Here’s what you’ll find in the playbook:

    Key components:

    1. Risk scenarios and business impact:
      1. Scenarios include repeated failures in phishing simulations, violations of security policies, and triggering automated security alerts.
      2. Business impacts range from increased cyberattack risks and data breaches to financial fraud, compliance violations, and reputational damage.
    2. Targeted security outcomes:
      1. Raise friction for repeat offenders: Introduce stricter controls and oversight.
      2. Shield high-risk users: Apply enhanced security measures like email filtering and access restrictions.
      3. Encourage behavior change: Use targeted nudges, justifications, and training to guide users toward better practices.
    3. Control strategy and phased implementation:
      1. Phase 1: Visibility & nudging – Monitor behaviors, provide visual cues, and educate users with just-in-time nudges.
      2. Phase 2: Targeted enforcement – Introduce friction through stricter policies, such as requiring justifications for risky actions and escalating oversight.
      3. Phase 3: Hard controls – Enforce high-confidence controls, including outbound message reviews, automated containment actions, and access restrictions.
    4. Stakeholder engagement:
      1. Involves executive leadership, HR, legal teams, security operations, and end-user communities to align efforts and ensure effective implementation.
    5. Response and operational support:
      1. Includes detection logic, alert criteria, and a response playbook for incidents.
      2. Emphasizes integration with tools like XDR/SIEM and HR systems for streamlined operations.
    6. Continuous improvement:
      1. Metrics to measure effectiveness, user engagement, and compliance.
      2. Regular reviews and updates to policies ensure alignment with evolving risks.

    Download your Ebook now

    Read Now
    Back to Top