Goal: To detect and mitigate insider threats using deceptive techniques.
Approach: Detecting malicious activities by insiders using deception.
This element involves deploying deception assets and techniques to detect and deter malicious insiders. It may include creating fake files, documents, or credentials that are designed to attract insider attention.