Insider Threat: Best Practices

Katherine D. Mills
CENTRA Technology, Inc.

Threat is Now: Recent Malicious Insiders
Major Nidal Hasan – Responsible for shooting at Fort Hood, Texas
Bradley Manning – Unauthorized disclosure to WikiLeaks
Edward Snowden – Unauthorized disclosure of NSA surveillance programs
Aaron Alexis – Responsible for shooting at the Washington Navy Yard

Why Consider Insider Threat?
▪ Protect national security and corporate assets
  – We don’t want to be in the news
▪ Will be required by Government
  – Changes to NISPOM
  – Required by Sponsors
▪ Want to ensure we are taking positive steps to protect our company and assets

How to Begin…
▪ Do your research: Tons of free resources available
  – CERT
    • Common Sense Guide to Mitigating Insider Threats
  – DSS
    • Insider threat video and brochures
  – FBI website and movie “Betrayed”
  – ONCIX website
  – ASIS
    • “Detecting the Insider Threat,” October 2013

Steps
▪ Team
▪ Assets
▪ Procedures
▪ Awareness
▪ Document plan

Step 1: Identify the Team
▪ Identify team members who understand and can contribute to the mission:
  – COO
  – HR
  – Security
  – IT
▪ Who will be responsible for:
  – Drafting the plan
  – Reporting to sponsors and Government
  – Bi-monthly meetings
  – Budget approval

Step 2: Understand Your Assets
Conduct a risk assessment
Talk to management about assets
  – What are the corporate jewels?
  – Are they currently protected?
  – How sensitive are they?
    • What is the risk if they are leaked?
  – Who has access to the information?

Step 3: Tighten Up Procedures
▪ Tighten procedures
  – Termination procedures
  – Unclassified data handling and access
▪ Document expectations to staff
▪ Violation policy

Step 4: Security Education
▪ Free cartoons, brochures, articles available
  – No need to reinvent the wheel!
▪ Incorporate insider threat into annual refresher training
▪ Monthly security news item on reporting
▪ Updated current policies
  – Acceptable Use Policy
▪ Ensure staff understand reporting; make it easy for staff to report confidentially

Step 5: Draft a Plan
▪ Document what you have learned
▪ Steps 1-4:
  – Team
  – What are assets and overall risk
  – What procedures have been impacted
  – Security education program
▪ Work-in-progress

Confronting the Insider Threat
“It is important for each company to identify what an insider threat is and to set a policy in place on how to deal with insider threats. The policies must outline certain types of behavior that warrant scrutiny, disciplinary action, or even termination so that companies have a basis from which to work when they do identify potential threats.”
ASIS: October 2013

Encourage Reporting
▪ Encourage employees to report
▪ Provide confidential means of reporting
▪ Staff holding security clearance are required to report adverse information, including potential threats
▪ Trust your instincts, if you see something, say something!
▪ It is better to report something that turns out to be nothing than to not report a serious security issue

Detecting the Insider
Post-incident investigations reveal that family, friends, or coworkers notice a suspect’s indicators but fail to report their concerns.

“Subjects often tell people close to them what they are doing, and sometimes even engage associates in the process. Former intimates (spouses, lovers, close friends – people with whom they spent a good deal of time) are a potentially important source of information in all investigations.”*

*Source: Declassified Director of Central Intelligence Memorandum of 12 April 1990; Subject: Project Slammer Interim Report

Threat Indicators
▪ Apparent unexplained affluence or excessive indebtedness
▪ Efforts to conceal foreign contacts, travel, or foreign interests
▪ Access to information or IT systems without need-to-know
▪ Exploitable behavior
  – criminal activity
  – excessive gambling
  – drug or alcohol abuse
  – problems at work
▪ Questionable judgment or untrustworthiness

Threat Indicators, cont.
▪ Apparent mental, emotional or personality disorder(s)
▪ Disgruntled
▪ Working odd or late hours
▪ Unreported foreign travel
▪ Suspicious foreign contacts
▪ Unreported offer of financial assistance, gifts, or favors by a foreign national or stranger
▪ Requesting access to information outside of official job duties including sensitive or classified information

Summary of Best Practices
▪ Know your people; recognize concerning behaviors as potential indicators
▪ Protect your “crown jewels”
▪ Pay close attention at termination
▪ Monitor ingress and egress points (IT systems and physical security)
▪ Baseline normal activity and look for anomalies
▪ Work together across organization
▪ Educate employees regarding potential recruitment

Sources

http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b0177429dd0ce970d-pi

Developing Your Insider Threat Program: Insider Threat Best Practices

Editor's notes

  1. Here are the priorities for putting your plan in place. We’ll discuss each of these in some detail.
  2. According to ASIS article on Confronting the Insider Threat