Insider Threats
Tom McAndrew

1
Ninja
KU – “NINE”

Ninja
Shinobi

NO – “AND/TALENT
ONNA- “Woman”

ICHI – “ONE”

HIMEJI Castle

2
American Ninja Warrior

3
Today’s Threats
“The ongoing cyber-thefts from the networks of
public and private organizations, including Fortune
500 com...
ONCIX

5
ONCIX
• Insider threats remain the top counterintelligence challenge to our community.
• Over the past century, the most d...
NITTF

7
Six Recommendations from FBI
Ease of Implementation
More Technical

Less Technical

1. Use appropriate screening
processes...
Why we need Network Analytics?

9
Rapid Adoption of 4 “Game Changing” Technologies

10
Final Note

Thanks for listening.
Tom McAndrew
Tom.mcandrew@coalfire.com
11
Upcoming SlideShare
Loading in...5
×

CISummit 2013: Tom McAndrew, Discover Your Insider Threats through Their Network

398

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
398
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

CISummit 2013: Tom McAndrew, Discover Your Insider Threats through Their Network

  1. 1. Insider Threats Tom McAndrew 1
  2. 2. Ninja KU – “NINE” Ninja Shinobi NO – “AND/TALENT ONNA- “Woman” ICHI – “ONE” HIMEJI Castle 2
  3. 3. American Ninja Warrior 3
  4. 4. Today’s Threats “The ongoing cyber-thefts from the networks of public and private organizations, including Fortune 500 companies, represent the greatest transfer of wealth in human history.” 4 http://www.nsa.gov/research/tnw/tnw194/article2.shtml
  5. 5. ONCIX 5
  6. 6. ONCIX • Insider threats remain the top counterintelligence challenge to our community. • Over the past century, the most damaging U.S. counterintelligence failures were perpetrated by a trusted insider with ulterior motives. • In each case, the compromised individual exhibited the identifiable signs of a traitor – but the signs went unreported for years due to the unwillingness or inability of colleagues to accept the possibility of treason. • Insiders … are people who have been lured to betray their nation for ideological reasons, a lust for money or sex, or through blackmail. • Mankind's methods may change – but core motivations do not. • Insiders convicted of espionage have, on average, been active for a number of years before being caught. • The damage caused by malicious insiders will likely continue to increase unless we have effective insider threat detection programs that can proactively identify and mitigate the threats before they fully mature. 6 http://www.ncix.gov/issues/ithreat/index.php
  7. 7. NITTF 7
  8. 8. Six Recommendations from FBI Ease of Implementation More Technical Less Technical 1. Use appropriate screening processes to select new employees. 2. Educate and regularly train employees on security or other protocols 3. Provide non-threatening, convenient ways for employees to report suspicions. 5. Routinely monitor computer networks for suspicious activity. 4. Ensure that proprietary information is adequately, if not robustly, protected. 6. Ensure security (to include computer network security) personnel have the tools they need. “Remind employees that reporting security concerns is vital to protecting your company’s intellectual property, its reputation, its financial well-being, and its future. They are protecting their own jobs. Remind them that if they see something, to say something.” – FBI Insider Threats FBI: http://www.fbi.gov/about-us/investigate/counterintelligence/the-insider-threat ONCIX: http://www.ncix.gov/issues/ithreat 8
  9. 9. Why we need Network Analytics? 9
  10. 10. Rapid Adoption of 4 “Game Changing” Technologies 10
  11. 11. Final Note Thanks for listening. Tom McAndrew Tom.mcandrew@coalfire.com 11
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×