The Insider's Guide To Insider Threats

Rob Rachwald
Director of Security Strategy



                     © 2012 Imperva, Inc. All rights reserved.
Agenda

  Past Insider Threat Research
  Our Methodology
  Common Practices




Today’s Presenter
Rob Rachwald, Dir. of Security Strategy, Imperva

 Research
    + Directs security strategy
    + Works with the Imperva Application Defense Center
 Security experience
    + Fortify Software and Coverity
    + Helped secure Intel’s supply chain software
    + Extensive international experience in Japan, China, France, and
       Australia
 Thought leadership
    + Presented at RSA, InfoSec, OWASP, ISACA
    + Appearances on CNN, SkyNews, BBC, NY Times, and USA Today
 Graduated from University of California, Berkeley

United Kingdom: Taking it with them when they go

 70% of employees plan to take something with them when they leave the job
    + Intellectual property: 27%
    + Customer data: 17%
 Over 50% feel they own the data




Source: November 2010 London Street Survey of 1026 people, Imperva
Shanghai and Beijing: Human nature at work?

 62% took data when they left a job
 56% admit to internal hacking
 70% of Chinese admit to accessing information they shouldn’t have
 36% feel they own the data




Source: February 2011 Shanghai and Beijing Street Survey of 1012 people, Imperva
Insider Threat Research in the Past

 Did not provide a holistic approach and often focused on piecemeal activities, such as:
    + Threat modeling
    + Technology
 Vendor centric: Focused on the latest three-letter acronym (TLA) approach
 Difficult to implement




Our Methodology

                                 Jim’s Approach
                                 Start with 1,435 good companies.
                                 Examine their performance over 40
                                 years. Find the 11 companies that
                                 became great.

                                 Our Variation
                                 Start with 1,000 good companies.
                                    + Collect good practices.
                                    + But harder to qualify statistically.




Our Sample




 Global Audience: Enterprises across five continents.
 Many Shapes and Sizes: Multiple verticals across a broad revenue spectrum.

Insider Threat Defined

   Someone who has trust and access, and acquires
    intellectual property and/or data in excess of acceptable
    business requirements.
   They do so:
     + Maliciously
     + Accidentally
     + By being compromised




The Catalog




#1
     Information security enables the business to grow, but grow securely




Practice #1: Building a Business Case

                                                What:
                                                         + Understand appetite for
                                                           business risk and work with
                                                           business to put a plan in place
                                                How:
                                                         + Work with line of business and
                                                           speak to the right people, and
                                                           understand what they protect
                                                           and how much they would be
                                                           willing to protect — early in the
                                                           process
                                                         + Make it personal
                                                         + Explain how to strengthen the
                                                           business
                                                         + Use compliance to differentiate
                                                         + Create informal teams

Practice #2: Build the A-Team


                                                What:
                                                         + Organizational model
                                                How (two approaches):
                                                         + Centralized model: one team
                                                           that oversees all security
                                                         + Decentralized model: Embed
                                                           security with various business
                                                           units




Practice #3: Work with HR


                                          What:
                                                   + InfoSec works with HR during
                                                     the onboarding and offboarding
                                                     process as well as implementing
                                                     security programs
                                          How (checklist):
                                                   + Training and communications
                                                     around security
                                                   + Onboarding
                                                            – Background checks
                                                            – Psych testing
                                                            – Special screening for executives
                                                   + Violations
                                                   + Terminations



Practice #4: Work with Legal

                                      What:
                                               + Create a legal environment that
                                                 promotes security
                                      How:
                                               + Create scary legal policies, for
                                                 example, implement compliance
                                                 and legal policies around
                                                 onboarding and offboarding
                                               + Contract reviews with partners
                                               + Approve policies (email usage,
                                                 network usage, social network
                                                 usage, care of laptops and other
                                                 portable devices, monitoring of
                                                 user behavior)



Practice #5: Education


                                       What:
                                                + Education programs to raise
                                                  security awareness and efficacy
                                       How:
                                                + Regular security training to cover
                                                  threats and LOB role
                                                             – Ideally, twice per year
                                                             – Constant training that uses
                                                               real-world episodes (email,
                                                               newsletters) that are not subject
                                                               to timing
                                                             – Online security awareness training
                                                + Educate yourself!




#2
       Prioritizing




Practice #1: Size the Challenge

                                           What:
                                                    + Identify what makes your
                                                      company unique
                                           How (checklist):
                                                    + Build a full employee inventory:
                                                      total, transient, permanent,
                                                      mobility, access restrictions
                                                    + Partner profiling
                                                    + Map threats
                                                             – Identify malicious scenarios
                                                             – Identify accidental scenarios
                                                    + Define audit requirements
                                                    + Define visibility requirements




Practice #2: Start small, think BIG

                                                 What:
                                                          + Know who and what to secure
                                                 How:
                                                          + Do not become inundated by
                                                            data
                                                          + Build and parse an inventory of
                                                            what needs to be secured
                                                          + Put in the basic controls, and
                                                            then build
                                                          + Determine what needs to be
                                                            automated




Practice #3: Automation

                                         What:
                                                  + Automate certain security
                                                    processes
                                         How:
                                                  + Find what systems you can
                                                    automate, such as:
                                                             – Online training
                                                             – System inventory by an automated
                                                               server discovery process
                                                             – Fraud prevention
                                                             – Provisioning and de-provisioning
                                                               privileges
                                                             – Employee departure (HR systems can
                                                               notify IT immediately and remove
                                                               permissions)
                                                             – Clean up dormant accounts
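
The employee-departure and dormant-account items above can be automated as a reconciliation between the HR roster and the account directory. The following is an added example, not part of the original slides; the record layouts, the 90-day dormancy threshold and all sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

DORMANT_AFTER = timedelta(days=90)  # assumed review threshold, not from the slides


@dataclass(frozen=True)
class Employee:
    emp_id: str
    status: str                      # "active" or "terminated"
    end_date: Optional[date] = None  # last working day, if terminated


@dataclass(frozen=True)
class Account:
    username: str
    emp_id: Optional[str]            # None: no HR owner recorded
    enabled: bool
    last_login: Optional[date]
    privileged: bool = False


def review_accounts(employees, accounts, today):
    """Return [(username, [reasons])] for enabled accounts that need action.

    Privileged accounts sort first so they are handled before ordinary ones.
    """
    owners = {e.emp_id: e for e in employees}
    flagged = []
    for acct in accounts:
        if not acct.enabled:
            continue  # already de-provisioned
        reasons = []
        owner = owners.get(acct.emp_id)
        if owner is None:
            reasons.append("no-hr-owner")
        elif owner.status == "terminated":
            reasons.append("owner-terminated")
            # A login after the last working day means the account was used
            # by someone who should no longer have had access.
            if owner.end_date and acct.last_login and acct.last_login > owner.end_date:
                reasons.append("login-after-termination")
        if acct.last_login is None:
            reasons.append("never-used")
        elif today - acct.last_login > DORMANT_AFTER:
            reasons.append("dormant")
        if reasons:
            flagged.append((acct.privileged, acct.username, reasons))
    flagged.sort(key=lambda f: (not f[0], f[1]))
    return [(name, reasons) for _, name, reasons in flagged]


# Constructed sample data (hypothetical people and accounts).
TODAY = date(2012, 6, 1)
SAMPLE_EMPLOYEES = [
    Employee("E1", "active"),
    Employee("E2", "terminated", date(2012, 3, 1)),
    Employee("E3", "active"),
]
SAMPLE_ACCOUNTS = [
    Account("alice", "E1", True, date(2012, 5, 28)),
    Account("bob", "E2", True, date(2012, 2, 28)),
    Account("bob_adm", "E2", True, date(2012, 5, 30), privileged=True),
    Account("carol", "E3", True, date(2012, 1, 10)),
    Account("svc_backup", None, True, None),
    Account("dave", "E9", False, date(2011, 12, 1)),
]

if __name__ == "__main__":
    for name, reasons in review_accounts(SAMPLE_EMPLOYEES, SAMPLE_ACCOUNTS, TODAY):
        print(f"{name}: {', '.join(reasons)}")
```

Run on a schedule against exports from the HR system and the directory, the output becomes the de-provisioning work queue.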




#3
     Access Controls




Practice #1: Quis custodiet ipsos custodes?


                                       What:
                                                + Lock down admins and superusers,
                                                  and develop a separate policy
                                       How:
                                                + Use business owner to verify
                                                + Privileged user monitoring
                                                + Periodic review by business
                                                + Eliminate dormant accounts
                                                + Separate policies for
                                                  administrators




Practice #2: Develop a Permissions Strategy

                                       What:
                                                + Permissions structure that is
                                                  comprehensive and flexible
                                       How:
                                                + Use business owner to verify
                                                + Start with permissions discovery
                                                + Recognize key events:
                                                             – Job changes
                                                             – Terminations
                                                             – Sensitive transactions should require
                                                               additional approvals to prevent fraud
                                                             – Cloud
                                                + Automate




Practice #3: Look for Aberrant Behavior

                                       What:
                                                + Weirdness probably means
                                                  trouble
                                       How:
                                                + Profile normal, acceptable usage
                                                  and access to sensitive items by…
                                                             – Volume
                                                             – Access speed
                                                             – Privilege level
                                                + Put in place monitoring or
                                                  “cameras in the vault”
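
One way to profile normal usage by volume, access speed and privilege level, shown as an added example that is not part of the original slides. It assumes per-session audit records of the form (user, records read, minutes active, privilege level used), scores each new session against the user's own history with a median/MAD modified z-score, and uses constructed sample data; the thresholds are assumptions.

```python
from collections import defaultdict
from statistics import median

MIN_SESSIONS = 5    # assumed minimum history before a profile is trusted
Z_THRESHOLD = 3.5   # commonly used cut-off for the modified z-score (assumption)


def robust_z(value, history):
    """Modified z-score: distance from the median in units of MAD."""
    med = median(history)
    mad = median(abs(h - med) for h in history)
    # Floor the scale so a perfectly regular user does not alert on tiny changes.
    scale = max(mad, 0.1 * abs(med), 1e-9)
    return 0.6745 * (value - med) / scale


def build_profiles(history):
    """history: iterable of (user, records, minutes, priv_level) sessions."""
    profiles = defaultdict(lambda: {"records": [], "rate": [], "max_priv": 0})
    for user, records, minutes, priv in history:
        p = profiles[user]
        p["records"].append(records)
        p["rate"].append(records / max(minutes, 1))
        p["max_priv"] = max(p["max_priv"], priv)
    return dict(profiles)


def score_session(profiles, session):
    """Return the list of ways this session departs from the user's profile."""
    user, records, minutes, priv = session
    p = profiles.get(user)
    if p is None or len(p["records"]) < MIN_SESSIONS:
        return ["insufficient-baseline"]   # route to manual review instead
    flags = []
    if robust_z(records, p["records"]) > Z_THRESHOLD:
        flags.append("volume")
    if robust_z(records / max(minutes, 1), p["rate"]) > Z_THRESHOLD:
        flags.append("access-speed")
    if priv > p["max_priv"]:
        flags.append("privilege-level")
    return flags


def review_sessions(history, sessions):
    """Return [(user, flags)] for every new session that raised a flag."""
    profiles = build_profiles(history)
    scored = ((s[0], score_session(profiles, s)) for s in sessions)
    return [(user, flags) for user, flags in scored if flags]


# Constructed sample data. priv_level: 0 = ordinary user, 2 = administrator.
JSMITH_RECORDS = [40, 55, 48, 60, 52, 45, 50, 58]
HISTORY = (
    [("jsmith", r, 30, 0) for r in JSMITH_RECORDS]
    + [("dba1", r, 60, 2) for r in [1000, 1100, 1200, 1050, 1150, 1080]]
    + [("mlee", r, 50, 0) for r in [100, 90, 110, 105, 95]]
    + [("newhire", r, 20, 0) for r in [10, 12]]
)
NEW_SESSIONS = [
    ("jsmith", 5200, 12, 0),   # bulk read, far faster than usual
    ("dba1", 1100, 60, 2),     # heavy but normal for this administrator
    ("mlee", 110, 50, 2),      # normal volume, unusual privilege level
    ("newhire", 15, 20, 0),    # too little history to judge
]

if __name__ == "__main__":
    for user, flags in review_sessions(HISTORY, NEW_SESSIONS):
        print(f"{user}: {', '.join(flags)}")
```

Because each user is compared with their own history, the administrator's large but routine reads stay quiet while the ordinary user's bulk export stands out.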




Practice #4: Device Management


                                      What:
                                               + Manage company and personal
                                                 devices
                                      How:
                                               + View data theft as a function of
                                                 aberrant behavior
                                               + Put controls and monitoring on
                                                 apps and databases
                                               + Remote wipe




#4
     Technology




Practice #1: Rebalancing the Portfolio



                                        What:
                                                 + Pick the right technology with
                                                   constant readjustments
                                        How:
                                                 + Map back to threats
                                                 + Key: Rebalance your portfolio
                                                   periodically and assess what you
                                                   need and what you don’t!




Webinar Materials

    Join LinkedIn Group Imperva Data Security Direct for…
       + Post-Webinar Discussions
       + Answers to Attendee Questions
       + Webinar Recording Link
       + Webinar Slides


www.imperva.com





Weitere ähnliche Inhalte

Was ist angesagt?

Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Universidad Cenfotec
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle ManagementBarry Caplin
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOnRamp
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementseadeloitte
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftAppsian
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite  defining and understanding risk in the moder...White paper cyber risk appetite  defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesDiane M. Metcalf
 
Risk Management
Risk ManagementRisk Management
Risk Managementijtsrd
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017EQS Group
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attackerseadeloitte
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 

Was ist angesagt? (18)

Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle Management
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access management
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoft
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite  defining and understanding risk in the moder...White paper cyber risk appetite  defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
 
Websense
WebsenseWebsense
Websense
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware Practices
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attacker
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014
 

Andere mochten auch

The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider ThreatsLancope, Inc.
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threatzhihaochen
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityObserveIT
 
SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsSplunk
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaInsider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaRaffael Marty
 
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...ObserveIT
 
Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Defence and Security Accelerator
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Phil Legg
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutLancope, Inc.
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapWAJAHAT IQBAL
 

Andere mochten auch (20)

The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider Threats
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
 
SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015
 
Gov Day Sacramento 2015 - User Behavior Analytics
The Insider's Guide to the Insider Threat

  • 1. The Insider's Guide To Insider Threats
      Rob Rachwald, Director of Security Strategy
      © 2012 Imperva, Inc. All rights reserved.
  • 2. Agenda
      * Past Insider Threat Research
      * Our Methodology
      * Common Practices
  • 3. Today’s Presenter: Rob Rachwald, Dir. of Security Strategy, Imperva
      * Research
          + Directs security strategy
          + Works with the Imperva Application Defense Center
      * Security experience
          + Fortify Software and Coverity
          + Helped secure Intel’s supply chain software
          + Extensive international experience in Japan, China, France, and Australia
      * Thought leadership
          + Presented at RSA, InfoSec, OWASP, ISACA
          + Appearances on CNN, SkyNews, BBC, NY Times, and USA Today
      * Graduated from University of California, Berkeley
  • 4. United Kingdom: Taking it with them when they go
      * 70% of employees plan to take something with them when they leave the job
          + Intellectual property: 27%
          + Customer data: 17%
      * Over 50% feel they own the data
      Source: November 2010 London Street Survey of 1026 people, Imperva
  • 5. Shanghai and Beijing: Human nature at work?
      * 62% took data when they left a job
      * 56% admit to internal hacking
      * 70% of Chinese admit to accessing information they shouldn’t have
      * 36% feel they own the data
      Source: February 2011 Shanghai and Beijing Street Survey of 1012 people, Imperva
  • 6. Insider Threat Research in the Past
      * Did not provide a holistic approach and often focused on piecemeal activities, such as:
          + Threat modeling
          + Technology
      * Vendor centric: Focused on the latest three-letter acronym (TLA) approach
      * Difficult to implement
  • 7. Our Methodology
      * Jim’s Approach: Start with 1,435 good companies. Examine their performance over 40 years. Find the 11 companies that became great.
      * Our Variation: Start with 1,000 good companies.
          + Collect good practices.
          + But harder to qualify statistically.
  • 8. Our Sample
      * Global Audience: Enterprises across five continents.
      * Many Shapes and Sizes: Multiple verticals across a broad revenue spectrum.
  • 9. Insider Threat Defined
      * Someone who has trust and access, and acquires intellectual property and/or data in excess of acceptable business requirements.
      * They do so:
          + Maliciously
          + Accidentally
          + By being compromised
  • 10. The Catalog
  • 11. #1 Information security enables the business to grow, but grow securely
  • 12. Practice #1: Building a Business Case
      * What:
          + Understand appetite for business risk and work with business to put a plan in place
      * How:
          + Work with line of business and speak to the right people, and understand what they protect and how much they would be willing to protect — early in the process
          + Make it personal
          + Explain how to strengthen the business
          + Use compliance to differentiate
          + Create informal teams
  • 13. Practice #2: Build the A-Team
      * What:
          + Organizational model
      * How (two approaches):
          + Centralized model: one team that oversees all security
          + Decentralized model: Embed security with various business units
  • 14. Practice #3: Work with HR
      * What:
          + InfoSec works with HR during the onboarding and offboarding process as well as implementing security programs
      * How (checklist):
          + Training and communications around security
          + Onboarding
              – Background checks
              – Psych testing
              – Special screening for executives
          + Violations
          + Terminations
  • 15. Practice #4: Work with Legal
      * What:
          + Create a legal environment that promotes security
      * How:
          + Create scary legal policies, for example, implement compliance and legal policies around on and offboarding
          + Contract reviews with partners
          + Approve policies (email usage, network usage, social network usage, care of laptops and other portable devices, monitoring of user behavior)
  • 16. Practice #5: Education
      * What:
          + Education programs to raise security awareness and efficacy
      * How:
          + Regular security training to cover threats and LOB role
              – Ideally, twice per year
              – Constant training that uses real world episodes (email, newsletters) that are not subject to timing
              – Online security awareness training
          + Educate yourself!
  • 17. #2 Prioritizing
  • 18. Practice #1: Size the Challenge
      * What:
          + Identify what makes your company unique
      * How (checklist):
          + Build a full employee inventory: total, transient, permanent, mobility, access restrictions
          + Partner profiling
          + Map threats
              – Identify malicious scenarios
              – Identify accidental scenarios
          + Define audit requirements
          + Define visibility requirements
  • 19. Practice #2: Start small, think BIG
      * What:
          + Know who and what to secure
      * How:
          + Do not become inundated by data
          + Build and parse an inventory of what needs to be secured
          + Put in the basic controls, and then build
          + Determine what needs to be automated
  • 20. Practice #3: Automation
      * What:
          + Automate certain security processes
      * How:
          + Find what systems you can automate, such as:
              – Online training
              – System inventory by an automated server discovery process
              – Fraud prevention
              – Provisioning and de-provisioning privileges
              – Employee departure (HR systems can notify IT immediately and remove permissions)
              – Clean-up dormant accounts
  • 21. #3 Access Controls
  • 22. Practice #1: Quis custodiet ipsos custodes?
      * What:
          + Lockdown admins and superusers, and develop a separate policy
      * How:
          + Use business owner to verify
          + Privileged user monitoring
          + Periodic review by business
          + Eliminate dormant accounts
          + Separate policies for administrators
  • 23. Practice #2: Develop a Permissions Strategy
      * What:
          + Permissions structure that is comprehensive and flexible
      * How:
          + Use business owner to verify
          + Start with permissions discovery
          + Recognize key events:
              – Job changes
              – Terminations
              – Sensitive transactions should require additional approvals to prevent fraud
              – Cloud
          + Automate
  • 24. Practice #3: Look for Aberrant Behavior
      * What:
          + Weirdness probably means trouble
      * How:
          + Profile normal, acceptable usage and access to sensitive items by…
              – Volume
              – Access speed
              – Privilege level
          + Put in place monitoring or “cameras in the vault”
  • 25. Practice #4: Device Management
      * What:
          + Manage company and personal devices
      * How:
          + View data theft as a function of aberrant behavior
          + Put controls and monitoring on apps and databases
          + Remote wipe
  • 26. #4 Technology
  • 27. Practice #1: Rebalancing the Portfolio
      * What:
          + Pick the right technology with constant readjustments
      * How:
          + Map back to threats
          + Key: Rebalance your portfolio periodically and assess what you need and what you don’t!
  • 28. Webinar Materials
      Join LinkedIn Group Imperva Data Security Direct for…
      * Post-Webinar Discussions
      * Answers to Attendee Questions
      * Webinar Recording Link
      * Webinar Slides
  • 29. www.imperva.com
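
Slide 24's advice to profile normal usage by volume, access speed and privilege level, worked through as an added example that is not part of the Imperva deck. The session records, their field layout, the privilege ranking and the 3-sigma threshold are all assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Assumed privilege ranking; a real deployment would map its own roles here.
PRIV = {"read": 0, "write": 1, "admin": 2}

# Constructed sample data: one record per user session against a sensitive
# table, as (user, rows_read, session_seconds, privilege_used).
BASELINE = [
    ("alice", 110, 600, "read"), ("alice", 130, 660, "read"),
    ("alice", 120, 630, "read"), ("alice", 125, 640, "read"),
    ("bob", 900, 1800, "write"), ("bob", 1100, 2000, "write"),
    ("bob", 1000, 1900, "write"), ("bob", 950, 1850, "write"),
]

TODAY = [
    ("alice", 118, 620, "read"),    # ordinary session
    ("alice", 48000, 300, "read"),  # bulk read, far faster than usual
    ("bob", 1020, 1900, "admin"),   # usual volume, higher privilege than ever seen
    ("carol", 40, 120, "read"),     # no baseline on record
]


def build_profiles(sessions):
    """Summarise each user's normal volume, access speed and top privilege."""
    per_user = defaultdict(list)
    for user, rows, secs, priv in sessions:
        speed = rows / max(secs, 1)  # rows per second; guard zero-length sessions
        per_user[user].append((rows, speed, PRIV[priv]))
    profiles = {}
    for user, obs in per_user.items():
        vols = [o[0] for o in obs]
        speeds = [o[1] for o in obs]
        profiles[user] = {
            "vol": (mean(vols), pstdev(vols)),
            "speed": (mean(speeds), pstdev(speeds)),
            "max_priv": max(o[2] for o in obs),
        }
    return profiles


def _deviates(value, mu, sigma, z_limit, min_rel=0.10):
    """True when value sits more than z_limit deviations above the mean.

    Sigma is floored at 10% of the mean so that a very regular user does
    not alert on trivial day-to-day variation.
    """
    sigma = max(sigma, min_rel * mu)
    if sigma == 0:
        return value > mu
    return (value - mu) / sigma > z_limit


def review_session(session, profiles, z_limit=3.0):
    """Return the list of dimensions on which a session departs from baseline."""
    user, rows, secs, priv = session
    profile = profiles.get(user)
    if profile is None:
        # No history is itself worth a look: new or dormant account.
        return ["no-baseline"]
    findings = []
    if _deviates(rows, *profile["vol"], z_limit):
        findings.append("volume")
    if _deviates(rows / max(secs, 1), *profile["speed"], z_limit):
        findings.append("access-speed")
    if PRIV[priv] > profile["max_priv"]:
        findings.append("privilege-level")
    return findings


if __name__ == "__main__":
    profiles = build_profiles(BASELINE)
    for s in TODAY:
        print(s[0], review_session(s, profiles) or "ok")
```

Only upward deviations are flagged, because the concern on the slide is data acquired in excess of business need; a session with no findings returns an empty list.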