Train users to be aware of access or manipulation attempts by an adversary to reduce the risk of successful spearphishing, social engineering, and other techniques that involve user interaction.
|ICS||T0811||Data from Information Repositories||
Develop and publish policies that define acceptable information to be stored in repositories.
|ICS||T0893||Data from Local System||
Develop and publish policies that define acceptable information to be stored on local systems.
Users can be trained to identify social engineering techniques and spearphishing emails.
Use user training as a way to bring awareness to common phishing and spearphishing techniques and how to raise suspicion for potentially malicious events.