Your SlideShare is downloading. ×
  • Like
CISummit 2013: Tom McAndrew, Discover Your Insider Threats through Their Network
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

CISummit 2013: Tom McAndrew, Discover Your Insider Threats through Their Network

  • 326 views
Published

 

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
326
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
7
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Insider Threats Tom McAndrew 1
  • 2. Ninja KU – “NINE” Ninja Shinobi NO – “AND/TALENT ONNA- “Woman” ICHI – “ONE” HIMEJI Castle 2
  • 3. American Ninja Warrior 3
  • 4. Today’s Threats “The ongoing cyber-thefts from the networks of public and private organizations, including Fortune 500 companies, represent the greatest transfer of wealth in human history.” 4 http://www.nsa.gov/research/tnw/tnw194/article2.shtml
  • 5. ONCIX 5
  • 6. ONCIX • Insider threats remain the top counterintelligence challenge to our community. • Over the past century, the most damaging U.S. counterintelligence failures were perpetrated by a trusted insider with ulterior motives. • In each case, the compromised individual exhibited the identifiable signs of a traitor – but the signs went unreported for years due to the unwillingness or inability of colleagues to accept the possibility of treason. • Insiders … are people who have been lured to betray their nation for ideological reasons, a lust for money or sex, or through blackmail. • Mankind's methods may change – but core motivations do not. • Insiders convicted of espionage have, on average, been active for a number of years before being caught. • The damage caused by malicious insiders will likely continue to increase unless we have effective insider threat detection programs that can proactively identify and mitigate the threats before they fully mature. 6 http://www.ncix.gov/issues/ithreat/index.php
  • 7. NITTF 7
  • 8. Six Recommendations from FBI Ease of Implementation More Technical Less Technical 1. Use appropriate screening processes to select new employees. 2. Educate and regularly train employees on security or other protocols 3. Provide non-threatening, convenient ways for employees to report suspicions. 5. Routinely monitor computer networks for suspicious activity. 4. Ensure that proprietary information is adequately, if not robustly, protected. 6. Ensure security (to include computer network security) personnel have the tools they need. “Remind employees that reporting security concerns is vital to protecting your company’s intellectual property, its reputation, its financial well-being, and its future. They are protecting their own jobs. Remind them that if they see something, to say something.” – FBI Insider Threats FBI: http://www.fbi.gov/about-us/investigate/counterintelligence/the-insider-threat ONCIX: http://www.ncix.gov/issues/ithreat 8
  • 9. Why we need Network Analytics? 9
  • 10. Rapid Adoption of 4 “Game Changing” Technologies 10
  • 11. Final Note Thanks for listening. Tom McAndrew Tom.mcandrew@coalfire.com 11