1. Insider threats refer to the risks that arise from employees, contractors, or other authorized individuals who may exploit their access to an organization's systems or data for personal gain or to harm the organization. Insider threats are becoming increasingly common and can cause significant damage to an organization's reputation, finances, and intellectual property. Therefore, Liqvid PTE. LTD has established an insider threat program to mitigate these risks and ensure the protection of our assets, systems, and data. 

2. This insider threat program applies to all employees, contractors, and third-party vendors who have access to Liqvid PTE. LTD systems, data, or assets. The program covers all aspects of insider threats, including identification, detection, prevention, and response.=

Objectives: 

3. The objectives of the insider threat program are: 

I. To identify potential insider threats and assess the risk associated with them.

II. To detect insider threats in a timely and effective manner. 

III. To prevent insider threats from causing damage to the organization. 

IV. To respond to insider incidents in a coordinated and efficient manner.

Roles and Responsibilities: 

4.1. The Information Security Manager is responsible for overseeing the insider threat program and ensuring that it is effective in mitigating risks.

4.2. The Human Resources department is responsible for conducting background checks on all employees and contractors before they are granted access to Liqvid PTE. LTD systems, data, or assets.

4.3. The IT department is responsible for monitoring user activities on the network, systems, and applications to detect any suspicious behavior.

4.4. All employees, contractors, and third-party vendors are responsible for reporting any suspicious behavior or potential insider threats to the Information Security Manager or their supervisor.

Identification and Assessment: 

5.1. The Human Resources department will conduct background checks on all employees and contractors before granting them access to Liqvid PTE. LTD systems, data, or assets. 

5.2. The IT department will monitor user activities on the network, systems, and applications to identify any suspicious behavior or activity. 

5.3. The Information Security Manager will conduct periodic risk assessments to identify potential insider threats and assess the risk associated with them. 

5.4. The risk assessment will consider factors such as access privileges, job roles and responsibilities, and behavioral patterns.

6.1. Liqvid PTE. LTD will implement security controls to prevent and mitigate insider threats, including access controls, monitoring and auditing, and security awareness training. 

6.2. Access controls will be implemented to ensure that employees and contractors have access only to the systems, data, and assets required to perform their job duties.

6.3. Monitoring and auditing tools will be implemented to detect any unauthorized or suspicious activity on the network, systems, and applications.

6.4. Security awareness training will be provided to all employees, contractors, and third-party vendors to educate them on the risks of insider threats and how to prevent them.

Response and Recovery: 

7.1. Liqvid PTE. LTD will establish an incident response plan to respond to insider incidents in a coordinated and efficient manner. 

7.2. The incident response plan will include procedures for containing the incident, preserving evidence, and notifying the appropriate authorities. 

7.3. Liqvid PTE. LTD will conduct a post-incident review to identify any gaps in the insider threat program and implement corrective actions as necessary.

Conclusion: 

8. Liqvid PTE. LTD recognizes the importance of mitigating insider threats to protect our assets, systems, and data. This insider threat program is designed to identify, detect, prevent, and respond to insider incidents in a timely and effective manner. All employees, contractors, and third-party vendors are responsible for complying with this program and reporting any suspicious behavior or potential insider threats.