Technical Data Gathering

Technical threats specifically are covered as an approach to introducing technical data gathering. This chapter, on threats and safeguards, is intended as a primer or introduction to security threats in the technical area. It provides a brief introduction to many of the technical safeguards to ensure that the security risk assessment team member is familiar with controls they may encounter during as assessment as well as available safeguards for recommendations to address high risk areas. Various controls and safeguards are available, including restricting user error, securing sensitive information, and controlling user accounts. Many controls and safeguards discussed have dealt with ways to stop fraud, waste, and abuse, but even well-meaning employees can breach the security of the organization’s information through accidental means. The technical controls discussed are some of the ways to restrict user error as it would impact the security of the organization’s information.