SlideShare a Scribd company logo

The Insider's Guide to the Insider Threat

Imperva
Imperva

Pinpointing the source and scope of data theft is often hard to quantify, especially since your largest internal threat may actually be one of your most loyal employees. This presentation presents the findings of the first-ever global insider threat study that catalogs common practices used by leading organizations across numerous verticals. This presentation will define the insider threat, quantify the prevalence of the problem, and uncover controls that have proven most effective at minimizing the risk of insider threats.

TechnologyBusiness
1 of 29
Download to read offline
The Insider's Guide To Insider Threats Rob Rachwald Director of Security Strategy © 2012 Imperva, Inc. All rights reserved.
Agenda  Past Insider Threat Research  Our Methodology  Common Practices © 2012 Imperva, Inc. All rights reserved.
Today’s Presenter Rob Rachwald, Dir. of Security Strategy, Imperva  Research + Directs security strategy + Works with the Imperva Application Defense Center  Security experience + Fortify Software and Coverity + Helped secure Intel’s supply chain software + Extensive international experience in Japan, China, France, and Australia  Thought leadership + Presented at RSA, InfoSec, OWASP, ISACA + Appearances on CNN, SkyNews, BBC, NY Times, and USA Today  Graduated from University of California, Berkeley © 2012 Imperva, Inc. All rights reserved.
United Kingdom: Taking it with them when they go  70% of employees plan to take something with them when they leave the job + Intellectual property: 27% + Customer data: 17%  Over 50% feel they own the data Source: November 2010 London Street Survey of 1026 people, Imperva © 2012 Imperva, Inc. All rights reserved.
Shanghai and Beijing: Human nature at work?  62% took data when they left a job  56% admit to internal hacking  70% of Chinese admit to accessing information they shouldn’t have  36% feel they own the data Source: February 2011 Shanghai and Beijing Street Survey of 1012 people, Imperva © 2012 Imperva, Inc. All rights reserved.
Insider Threat Research in the Past  Did not provide a holistic approach and often focused on piecemeal activities, such as: + Threat modeling + Technology  Vendor centric: Focused on the latest three-letter acronym (TLA) approach  Difficult to implement 6 © 2012 Imperva, Inc. All rights reserved.
Our Methodology Jim’s Approach Start with 1,435 good companies. Examine their performance over 40 years. Find the 11 companies that became great. Our Variation Start with 1,000 good companies. + Collect good practices. + But harder to qualify statistically. 7 © 2012 Imperva, Inc. All rights reserved.
Our Sample Global Audience Many Shapes and Sizes Enterprises across five Multiple verticals across a continents. broad revenue spectrum. 8 © 2012 Imperva, Inc. All rights reserved.
Insider Threat Defined  Someone who has trust and access, and acquires intellectual property and/or data in excess of acceptable business requirements.  They do so: + Maliciously + Accidentally + By being compromised 9 © 2012 Imperva, Inc. All rights reserved.
The Catalog © 2012 Imperva, Inc. All rights reserved.
#1 Information security enables the business to grow, but grow securely 11 © 2012 Imperva, Inc. All rights reserved.
Practice #1: Building a Business Case  What: + Understand appetite for business risk and work with business to put a plan in place  How: + Work with line of business and speak to the right people, and understand what they protect and how much they would be willing to protect — early in the process + Make it personal + Explain how to strengthen the business + Use compliance to differentiate + Create informal teams 12 © 2012 Imperva, Inc. All rights reserved.
Practice #2: Build the A-Team  What: + Organizational model  How (two approaches): + Centralized model: one team that oversees all security + Decentralized model: Embed security with various business units 13 © 2012 Imperva, Inc. All rights reserved.
Practice #3: Work with HR  What: + InfoSec works with HR during the onboarding and offboarding process as well as implementing security programs  How (checklist): + Training and communications around security + Onboarding – Background checks – Psych testing – Special screening for executives + Violations + Terminations 14 © 2012 Imperva, Inc. All rights reserved.
Practice #4: Work with Legal  What: + Create a legal environment that promotes security  How: + Create scary legal policies, for example, implement compliance and legal policies around on and offboarding + Contract reviews with partners + Approve policies (email usage, network usage, social network usage, care of laptops and other portable devices, monitoring of user behavior) 15 © 2012 Imperva, Inc. All rights reserved.
Practice #5: Education  What: + Education programs to raise security awareness and efficacy  How: + Regular security training to cover threats and LOB role – Ideally, twice per year – Constant training that uses real world episodes (email, newsletters) that are not subject to timing – Online security awareness training + Educate yourself! 16 © 2012 Imperva, Inc. All rights reserved.
#2 Prioritizing 17 © 2012 Imperva, Inc. All rights reserved.
Practice #1: Size the Challenge  What: + Identify what makes your company unique  How (checklist): + Build a full employee inventory: total, transient, permanent, mobility, access restrictions + Partner profiling + Map threats – Identify malicious scenarios – Identify accidental scenarios + Define audit requirements + Define visibility requirements 18 © 2012 Imperva, Inc. All rights reserved.
Practice #2: Start small , think BIG  What: + Know who and what to secure  How: + Do not become inundated by data + Build and parse an inventory of what needs to be secured + Put in the basic controls, and then build + Determine what needs to be automated 19 © 2012 Imperva, Inc. All rights reserved.
Practice #3: Automation  What: + Automate certain security processes  How: + Find what systems you can automate, such as: – Online training – System inventory by an automated server discovery process – Fraud prevention – Provisioning and de-provisioning privileges – Employee departure (HR systems can notify IT immediately and remove permissions) – Clean-up dormant accounts 20 © 2012 Imperva, Inc. All rights reserved.
#3 Access Controls 21 © 2012 Imperva, Inc. All rights reserved.
Practice #1: Quis custodiet ipsos custodes?  What: + Lockdown admins and superusers, and develop a separate policy  How: + Use business owner to verify + Privileged user monitoring + Periodic review by business + Eliminate dormant accounts + Separate policies for administrators 22 © 2012 Imperva, Inc. All rights reserved.
Practice #2: Develop a Permissions Strategy  What: + Permissions structure that is comprehensive and flexible  How: + Use business owner to verify + Start with permissions discovery + Recognize key events: – Job changes – Terminations – Sensitive transactions should require additional approvals to prevent fraud – Cloud + Automate 23 © 2012 Imperva, Inc. All rights reserved.
Practice #3: Look for Aberrant Behavior  What: + Weirdness probably means trouble  How: + Profile normal, acceptable usage and access to sensitive items by… – Volume – Access speed – Privilege level + Put in place monitoring or “cameras in the vault” 24 © 2012 Imperva, Inc. All rights reserved.
Practice #4: Device Management  What: + Manage company and personal devices  How: + View data theft as a function of aberrant behavior + Put controls and monitoring on apps and databases + Remote wipe 25 © 2012 Imperva, Inc. All rights reserved.
#4 Technology 26 © 2012 Imperva, Inc. All rights reserved.
Practice #1: Rebalancing the Portfolio  What: + Pick the right technology with constant readjustments  How: + Map back to threats + Key: Rebalance your portfolio periodically and assess what you need and what you don’t! 27 © 2012 Imperva, Inc. All rights reserved.
Webinar Materials Join LinkedIn Group Imperva Data Security Direct for… Answers to Post-Webinar Attendee Discussions Questions Webinar Webinar Slides Recording Link © 2012 Imperva, Inc. All rights reserved.
www.imperva.com © 2012 Imperva, Inc. All rights reserved.

Recommended

How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threatzhihaochen
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1securityAnne Starr
 
It risk assessment
It risk assessmentIt risk assessment
It risk assessmentHappiest Minds Technologies
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk ManagementDeepak Bansal, CPA CISSP
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 

Recommended

How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threatzhihaochen
 
Cybertopic_1security
Cybertopic_1securityCybertopic_1security
Cybertopic_1securityAnne Starr
 
It risk assessment
It risk assessmentIt risk assessment
It risk assessmentHappiest Minds Technologies
 
Cybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsCybersecurity Goverence for Boards of Directors
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
 
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...
Establishing an insider threat programme: Know your Snowden - Puneet Kukreja,...Puneet Kukreja
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk ManagementDeepak Bansal, CPA CISSP
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 
Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Universidad Cenfotec
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2Semir Ibrahimovic
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle ManagementBarry Caplin
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOnRamp
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementseadeloitte
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftAppsian
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
Websense
WebsenseWebsense
WebsenseCMR WORLD TECH
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesDiane M. Metcalf
 
Risk Management
Risk ManagementRisk Management
Risk Managementijtsrd
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017EQS Group
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attackerseadeloitte
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014Aladdin Dandis
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 

More Related Content

What's hot

Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Universidad Cenfotec
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach riskLivingstone Advisory
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle ManagementBarry Caplin
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOnRamp
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementseadeloitte
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guideAdilsonSuende
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftAppsian
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesDiane M. Metcalf
 
Risk Management
Risk ManagementRisk Management
Risk Managementijtsrd
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017EQS Group
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attackerseadeloitte
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Aladdin Dandis
 

What's hot (18)

Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.Material de apoyo Un replanteamiento masivo de la seguridad.
Material de apoyo Un replanteamiento masivo de la seguridad.
 
Best practices to mitigate data breach risk
Best practices to mitigate data breach riskBest practices to mitigate data breach risk
Best practices to mitigate data breach risk
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 
Banks and cybersecurity v2
Banks and cybersecurity v2Banks and cybersecurity v2
Banks and cybersecurity v2
 
Security Lifecycle Management
Security Lifecycle ManagementSecurity Lifecycle Management
Security Lifecycle Management
 
Overcoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security ModelOvercoming Hidden Risks in a Shared Security Model
Overcoming Hidden Risks in a Shared Security Model
 
Netwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital worldNetwealth educational webinar: Peace of mind in a digital world
Netwealth educational webinar: Peace of mind in a digital world
 
Cyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access managementCyber 101: An introduction to privileged access management
Cyber 101: An introduction to privileged access management
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
Enterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoftEnterprise GRC for PEoplesoft
Enterprise GRC for PEoplesoft
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
 
Websense
WebsenseWebsense
Websense
 
Creating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware PracticesCreating And Enforcing Anti Malware Practices
Creating And Enforcing Anti Malware Practices
 
Risk Management
Risk ManagementRisk Management
Risk Management
 
M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017M&A security - E-crime Congress 2017
M&A security - E-crime Congress 2017
 
August 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber AttackerAugust 2017 - Anatomy of a Cyber Attacker
August 2017 - Anatomy of a Cyber Attacker
 
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014Fraudulent Methods for Attacking Bank Networks and Prevention 2014
Fraudulent Methods for Attacking Bank Networks and Prevention 2014
 
Ch3 cism 2014
Ch3 cism 2014Ch3 cism 2014
Ch3 cism 2014
 

Viewers also liked

The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider ThreatsLancope, Inc.
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threatzhihaochen
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityObserveIT
 
SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsSplunk
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaInsider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaRaffael Marty
 
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...ObserveIT
 
Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Defence and Security Accelerator
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Phil Legg
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutLancope, Inc.
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapWAJAHAT IQBAL
 

Viewers also liked (20)

The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider Threats
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
 
SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior Analytics
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider Threat
 
Insider Threat Experiences
Insider Threat ExperiencesInsider Threat Experiences
Insider Threat Experiences
 
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaInsider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
 
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
 
Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmap
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
 

Similar to The Insider's Guide to the Insider Threat

Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...
Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...
Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...IT Network marcus evans
 
Making Measurable Gains - Contextualizing 'Secure' in Business
Making Measurable Gains - Contextualizing 'Secure' in BusinessMaking Measurable Gains - Contextualizing 'Secure' in Business
Making Measurable Gains - Contextualizing 'Secure' in BusinessRafal Los
 
Ultimate Hack! Layers 8 & 9 of the OSI Model
Ultimate Hack! Layers 8 & 9 of the OSI ModelUltimate Hack! Layers 8 & 9 of the OSI Model
Ultimate Hack! Layers 8 & 9 of the OSI ModelRafal Los
 
Do Security Like a Start Up or Get Fired
Do Security Like a Start Up or Get FiredDo Security Like a Start Up or Get Fired
Do Security Like a Start Up or Get FiredNetIQ
 
PINAR AKKAYA - The Human Dimension
PINAR AKKAYA - The Human DimensionPINAR AKKAYA - The Human Dimension
PINAR AKKAYA - The Human DimensionPinar AKKAYA
 
Shaping-Up SharePoint Security in 5 Steps
Shaping-Up SharePoint Security in 5 StepsShaping-Up SharePoint Security in 5 Steps
Shaping-Up SharePoint Security in 5 StepsImperva
 
Pollenizer Intro Deck
Pollenizer Intro DeckPollenizer Intro Deck
Pollenizer Intro DeckPhil Morle
 
Data Infused Product Design and Insights at LinkedIn
Data Infused Product Design and Insights at LinkedInData Infused Product Design and Insights at LinkedIn
Data Infused Product Design and Insights at LinkedInYael Garten
 
Patrick Ternier, CEO, Innovation Framework Technologies
Patrick Ternier, CEO, Innovation Framework TechnologiesPatrick Ternier, CEO, Innovation Framework Technologies
Patrick Ternier, CEO, Innovation Framework TechnologiesKGS Global
 
SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...
SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...
SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...Jeff Willinger
 
Analytics Solutions from SAP
Analytics Solutions from SAPAnalytics Solutions from SAP
Analytics Solutions from SAPSAP Analytics
 
Your IT Career & the Next-Gen Enterprise
Your IT Career & the Next-Gen EnterpriseYour IT Career & the Next-Gen Enterprise
Your IT Career & the Next-Gen EnterprisePointwest
 
Harvey Nash USA Webinar: The Big Opportunity of Big Data
Harvey Nash USA Webinar: The Big Opportunity of Big DataHarvey Nash USA Webinar: The Big Opportunity of Big Data
Harvey Nash USA Webinar: The Big Opportunity of Big DataHarveyNashUSA
 
Introducing Pollenizer - May 2009
Introducing Pollenizer - May 2009Introducing Pollenizer - May 2009
Introducing Pollenizer - May 2009Mick Liubinskas
 
Rethinking Company Resources
Rethinking Company ResourcesRethinking Company Resources
Rethinking Company ResourcesProfiles Asia
 
A Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedIn
A Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedInA Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedIn
A Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedInAmy W. Tang
 
Social Customer Service Lessons Learned
Social Customer Service Lessons LearnedSocial Customer Service Lessons Learned
Social Customer Service Lessons LearnedAndrew Maher
 
Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...
Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...
Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...DATAVERSITY
 

Similar to The Insider's Guide to the Insider Threat (20)

Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...
Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...
Australian CIO Summit 2012: Big Data, New Physics, and Geospatial Super-Food ...
 
Making Measurable Gains - Contextualizing 'Secure' in Business
Making Measurable Gains - Contextualizing 'Secure' in BusinessMaking Measurable Gains - Contextualizing 'Secure' in Business
Making Measurable Gains - Contextualizing 'Secure' in Business
 
Ultimate Hack! Layers 8 & 9 of the OSI Model
Ultimate Hack! Layers 8 & 9 of the OSI ModelUltimate Hack! Layers 8 & 9 of the OSI Model
Ultimate Hack! Layers 8 & 9 of the OSI Model
 
Do Security Like a Start Up or Get Fired
Do Security Like a Start Up or Get FiredDo Security Like a Start Up or Get Fired
Do Security Like a Start Up or Get Fired
 
PINAR AKKAYA - The Human Dimension
PINAR AKKAYA - The Human DimensionPINAR AKKAYA - The Human Dimension
PINAR AKKAYA - The Human Dimension
 
Shaping-Up SharePoint Security in 5 Steps
Shaping-Up SharePoint Security in 5 StepsShaping-Up SharePoint Security in 5 Steps
Shaping-Up SharePoint Security in 5 Steps
 
Pollenizer Intro Deck
Pollenizer Intro DeckPollenizer Intro Deck
Pollenizer Intro Deck
 
Data Infused Product Design and Insights at LinkedIn
Data Infused Product Design and Insights at LinkedInData Infused Product Design and Insights at LinkedIn
Data Infused Product Design and Insights at LinkedIn
 
Patrick Ternier, CEO, Innovation Framework Technologies
Patrick Ternier, CEO, Innovation Framework TechnologiesPatrick Ternier, CEO, Innovation Framework Technologies
Patrick Ternier, CEO, Innovation Framework Technologies
 
SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...
SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...
SPTechCon 2014 - Keep the Lawyers off Your Back:Where does eDiscover and Comp...
 
Engagement through social media at IBM
Engagement through social media at IBMEngagement through social media at IBM
Engagement through social media at IBM
 
Adobe Systems
Adobe SystemsAdobe Systems
Adobe Systems
 
Analytics Solutions from SAP
Analytics Solutions from SAPAnalytics Solutions from SAP
Analytics Solutions from SAP
 
Your IT Career & the Next-Gen Enterprise
Your IT Career & the Next-Gen EnterpriseYour IT Career & the Next-Gen Enterprise
Your IT Career & the Next-Gen Enterprise
 
Harvey Nash USA Webinar: The Big Opportunity of Big Data
Harvey Nash USA Webinar: The Big Opportunity of Big DataHarvey Nash USA Webinar: The Big Opportunity of Big Data
Harvey Nash USA Webinar: The Big Opportunity of Big Data
 
Introducing Pollenizer - May 2009
Introducing Pollenizer - May 2009Introducing Pollenizer - May 2009
Introducing Pollenizer - May 2009
 
Rethinking Company Resources
Rethinking Company ResourcesRethinking Company Resources
Rethinking Company Resources
 
A Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedIn
A Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedInA Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedIn
A Small Overview of Big Data Products, Analytics, and Infrastructure at LinkedIn
 
Social Customer Service Lessons Learned
Social Customer Service Lessons LearnedSocial Customer Service Lessons Learned
Social Customer Service Lessons Learned
 
Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...
Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...
Enterprise Data Webinar World Series: Leading the Data Asset Management Team ...
 

More from Imperva

Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyImperva
 
API Security Survey
API Security SurveyAPI Security Survey
API Security SurveyImperva
 
Imperva ppt
Imperva pptImperva ppt
Imperva pptImperva
 
Beyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountBeyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountImperva
 
Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Imperva
 
Making Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesMaking Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesImperva
 
How We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchHow We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchImperva
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecurityImperva
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRImperva
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged VendorsImperva
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet SophisticationImperva
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made EasyImperva
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceImperva
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyImperva
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR PlanImperva
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataImperva
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityImperva
 
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation FoundationHacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation FoundationImperva
 

More from Imperva (20)

Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 Survey
 
API Security Survey
API Security SurveyAPI Security Survey
API Security Survey
 
Imperva ppt
Imperva pptImperva ppt
Imperva ppt
 
Beyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountBeyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked account
 
Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds
 
Making Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesMaking Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to Narratives
 
How We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchHow We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over Lunch
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber Security
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPR
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet Sophistication
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made Easy
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense Report
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat Intelligence
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR Plan
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your Data
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data Security
 
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation FoundationHacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
 

Recently uploaded

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 

Recently uploaded (20)

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

The Insider's Guide to the Insider Threat

  • 1. The Insider's Guide To Insider Threats Rob Rachwald Director of Security Strategy © 2012 Imperva, Inc. All rights reserved.
  • 2. Agenda  Past Insider Threat Research  Our Methodology  Common Practices © 2012 Imperva, Inc. All rights reserved.
  • 3. Today’s Presenter Rob Rachwald, Dir. of Security Strategy, Imperva  Research + Directs security strategy + Works with the Imperva Application Defense Center  Security experience + Fortify Software and Coverity + Helped secure Intel’s supply chain software + Extensive international experience in Japan, China, France, and Australia  Thought leadership + Presented at RSA, InfoSec, OWASP, ISACA + Appearances on CNN, SkyNews, BBC, NY Times, and USA Today  Graduated from University of California, Berkeley © 2012 Imperva, Inc. All rights reserved.
  • 4. United Kingdom: Taking it with them when they go  70% of employees plan to take something with them when they leave the job + Intellectual property: 27% + Customer data: 17%  Over 50% feel they own the data Source: November 2010 London Street Survey of 1026 people, Imperva © 2012 Imperva, Inc. All rights reserved.
  • 5. Shanghai and Beijing: Human nature at work?  62% took data when they left a job  56% admit to internal hacking  70% of Chinese admit to accessing information they shouldn’t have  36% feel they own the data Source: February 2011 Shanghai and Beijing Street Survey of 1012 people, Imperva © 2012 Imperva, Inc. All rights reserved.
  • 6. Insider Threat Research in the Past  Did not provide a holistic approach and often focused on piecemeal activities, such as: + Threat modeling + Technology  Vendor centric: Focused on the latest three-letter acronym (TLA) approach  Difficult to implement 6 © 2012 Imperva, Inc. All rights reserved.
  • 7. Our Methodology Jim’s Approach Start with 1,435 good companies. Examine their performance over 40 years. Find the 11 companies that became great. Our Variation Start with 1,000 good companies. + Collect good practices. + But harder to qualify statistically. 7 © 2012 Imperva, Inc. All rights reserved.
  • 8. Our Sample Global Audience Many Shapes and Sizes Enterprises across five Multiple verticals across a continents. broad revenue spectrum. 8 © 2012 Imperva, Inc. All rights reserved.
  • 9. Insider Threat Defined  Someone who has trust and access, and acquires intellectual property and/or data in excess of acceptable business requirements.  They do so: + Maliciously + Accidentally + By being compromised 9 © 2012 Imperva, Inc. All rights reserved.
  • 10. The Catalog © 2012 Imperva, Inc. All rights reserved.
  • 11. #1 Information security enables the business to grow, but grow securely 11 © 2012 Imperva, Inc. All rights reserved.
  • 12. Practice #1: Building a Business Case  What: + Understand appetite for business risk and work with business to put a plan in place  How: + Work with line of business and speak to the right people, and understand what they protect and how much they would be willing to protect — early in the process + Make it personal + Explain how to strengthen the business + Use compliance to differentiate + Create informal teams 12 © 2012 Imperva, Inc. All rights reserved.
  • 13. Practice #2: Build the A-Team  What: + Organizational model  How (two approaches): + Centralized model: one team that oversees all security + Decentralized model: Embed security with various business units 13 © 2012 Imperva, Inc. All rights reserved.
  • 14. Practice #3: Work with HR  What: + InfoSec works with HR during the onboarding and offboarding process as well as implementing security programs  How (checklist): + Training and communications around security + Onboarding – Background checks – Psych testing – Special screening for executives + Violations + Terminations 14 © 2012 Imperva, Inc. All rights reserved.
  • 15. Practice #4: Work with Legal  What: + Create a legal environment that promotes security  How: + Create scary legal policies, for example, implement compliance and legal policies around on and offboarding + Contract reviews with partners + Approve policies (email usage, network usage, social network usage, care of laptops and other portable devices, monitoring of user behavior) 15 © 2012 Imperva, Inc. All rights reserved.
  • 16. Practice #5: Education  What: + Education programs to raise security awareness and efficacy  How: + Regular security training to cover threats and LOB role – Ideally, twice per year – Constant training that uses real world episodes (email, newsletters) that are not subject to timing – Online security awareness training + Educate yourself! 16 © 2012 Imperva, Inc. All rights reserved.
  • 17. #2 Prioritizing 17 © 2012 Imperva, Inc. All rights reserved.
  • 18. Practice #1: Size the Challenge  What: + Identify what makes your company unique  How (checklist): + Build a full employee inventory: total, transient, permanent, mobility, access restrictions + Partner profiling + Map threats – Identify malicious scenarios – Identify accidental scenarios + Define audit requirements + Define visibility requirements 18 © 2012 Imperva, Inc. All rights reserved.
  • 19. Practice #2: Start small , think BIG  What: + Know who and what to secure  How: + Do not become inundated by data + Build and parse an inventory of what needs to be secured + Put in the basic controls, and then build + Determine what needs to be automated 19 © 2012 Imperva, Inc. All rights reserved.
  • 20. Practice #3: Automation  What: + Automate certain security processes  How: + Find what systems you can automate, such as: – Online training – System inventory by an automated server discovery process – Fraud prevention – Provisioning and de-provisioning privileges – Employee departure (HR systems can notify IT immediately and remove permissions) – Clean-up dormant accounts 20 © 2012 Imperva, Inc. All rights reserved.
  • 21. #3 Access Controls 21 © 2012 Imperva, Inc. All rights reserved.
  • 22. Practice #1: Quis custodiet ipsos custodes?  What: + Lockdown admins and superusers, and develop a separate policy  How: + Use business owner to verify + Privileged user monitoring + Periodic review by business + Eliminate dormant accounts + Separate policies for administrators 22 © 2012 Imperva, Inc. All rights reserved.
  • 23. Practice #2: Develop a Permissions Strategy  What: + Permissions structure that is comprehensive and flexible  How: + Use business owner to verify + Start with permissions discovery + Recognize key events: – Job changes – Terminations – Sensitive transactions should require additional approvals to prevent fraud – Cloud + Automate 23 © 2012 Imperva, Inc. All rights reserved.
  • 24. Practice #3: Look for Aberrant Behavior  What: + Weirdness probably means trouble  How: + Profile normal, acceptable usage and access to sensitive items by… – Volume – Access speed – Privilege level + Put in place monitoring or “cameras in the vault” 24 © 2012 Imperva, Inc. All rights reserved.
  • 25. Practice #4: Device Management  What: + Manage company and personal devices  How: + View data theft as a function of aberrant behavior + Put controls and monitoring on apps and databases + Remote wipe 25 © 2012 Imperva, Inc. All rights reserved.
  • 26. #4 Technology 26 © 2012 Imperva, Inc. All rights reserved.
  • 27. Practice #1: Rebalancing the Portfolio  What: + Pick the right technology with constant readjustments  How: + Map back to threats + Key: Rebalance your portfolio periodically and assess what you need and what you don’t! 27 © 2012 Imperva, Inc. All rights reserved.
  • 28. Webinar Materials Join LinkedIn Group Imperva Data Security Direct for… Answers to Post-Webinar Attendee Discussions Questions Webinar Webinar Slides Recording Link © 2012 Imperva, Inc. All rights reserved.
  • 29. www.imperva.com © 2012 Imperva, Inc. All rights reserved.