1. IT controls come in a variety of "flavors". Some groups are described as People, Process, and Technology. Other controls (safeguards) are defined by the standard with which they apply (e.g, Prevent, Detect, Deter, Respond). Research and select a control grouping framework then populate the framework with some examples of the actual control. Provide your rational as to why you selected your framework.
2. What four (4) IT security controlls do you find the most important? Why? Do you consider anything related to process or policy a "true" safeguard? Why? Why not?
3. We know from experience that the insider threat presents the biggest challenge to security professionals. With this area of control being nearly overwhelming... what technologies do you recommend that will help the security team keep a near real-time view of the insider threat? Think automation, behavior detection, and correlation.