Insight into how cyber criminals prey on your employees to get access to your company's valuable data, and tips and technology that can help you protect yourself. See webinar video here: http://bit.ly/Avatu-how-cybercriminals-exploit-your-employees
Tre Smith - From Decision to Implementation: Who's On First?
Similar to Cybersecurity: An FBI perspective: how cyber criminals exploit the goodness of your employees | Part of the Avatu One-Step Ahead Security programme
Similar to Cybersecurity: An FBI perspective: how cyber criminals exploit the goodness of your employees | Part of the Avatu One-Step Ahead Security programme (20)
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Cybersecurity: An FBI perspective: how cyber criminals exploit the goodness of your employees | Part of the Avatu One-Step Ahead Security programme
1. One Step Ahead - Webinar
In partnership with:
In partnership with:
How cyber criminals exploit the
goodness of your employees
An FBI perspective
2. One Step Ahead - Webinar
In partnership with:
Webinar introduction
by Joe Jouhal
CEO at Avatu
Please send your questions in
through the WebEx system
We’ll answer them one-by-one at
the end of the webinar
3. One Step Ahead - Webinar
In partnership with:
John Boles
is a former assistant director with the FBI.
Having served over 20 years in the FBI as a
national security executive, his experience in
leading cyber investigations worldwide and
managing critical incident response, his expertise
helps clients protect their data and their business.
Today he’s director of Navigant’s Global Legal
Technology Services.
Your speakers
4. One Step Ahead - Webinar
In partnership with:
David Nice
has worked in the security environment for
almost 20 years and consequently understands
the challenges faced by companies - and public
bodies - inside and out.
Today, working with ObserveIT, he specialises
in insider threats and helping people to adapt
their behaviours.
Your speakers
5. One Step Ahead - Webinar
In partnership with:
What is the cyber
INSIDER Threat?
Definition:
Anyone with legitimate access (employee, vendor,
contractor) to a company network/data who puts
that data at risk through either willful misconduct
or unintentional actions
6. One Step Ahead - Webinar
In partnership with:
What is the cyber
INSIDER Threat?
• Too often, we look outward for danger,
without considering that which can do the
most damage
• Insiders know where the information is,
where the secrets are kept
• Insiders have the legitimate access
crooks covet
7. One Step Ahead - Webinar
In partnership with:
Malicious INSIDER
• Have intent to harm the company
or improve themselves
• Often motivated by spite, revenge,
or greed
8. One Step Ahead - Webinar
In partnership with:
Malicious INSIDER
Robert Hanssen spied for the Russians against
the USA for decades because he felt no one
appreciated his intelligence
He stole information and put lives at risk
9. One Step Ahead - Webinar
In partnership with:
Malicious INSIDER
Edward Snowden stole data based on his
legitimate access for greed
He was recruited by foreign intelligence
agencies by appealing to his inflated
sense of self
10. One Step Ahead - Webinar
In partnership with:
Unwitting INSIDER
• Unintentionally cause harm to the network,
often in the course of their daily work
• Click on unsafe links
• Visit insecure websites
• Login to free and unprotected Wi-Fi
11. One Step Ahead - Webinar
In partnership with:
Unwitting INSIDER
• Lose company laptop/mobiles
• Frequently targeted by cyber crooks
• Often the customer facing representative
12. One Step Ahead - Webinar
In partnership with:
Damages
• Insider theft/inadvertent compromise is
often undetected for long periods
• Theft of IP or even client lists can eliminate
competitive advantage
• Stolen PII/PHI can subject a company to
severe fines and, under GDPR, possibly civil
legal action
• Reputational damage is frequently
long-lasting
13. One Step Ahead - Webinar
In partnership with:
What to do?
• Start with strong and clear policies and
governance
• Include mobile devices and BYOD
• Ensure you have an acceptable use policy
• Monitor accesses and ensure it’s appropriate
Communicate the rules and make sure
employees understand them
14. One Step Ahead - Webinar
In partnership with:
Training is key
• Employees must be able to
o Recognise risky behaviour
o Recognise suspicious email and links
o Know what actions to take
• Training should be ongoing and responsive
• Training is best retained when it is positive
and targeted
15. One Step Ahead - Webinar
In partnership with:
Tech is important, too
• Monitor traffic and connections
o Are employees going to risky sites
o Are employees using unauthorised apps
or data transfer applications
o Is the traffic going where you
expect it to?
• Whitelisting vs Blacklisting
16. One Step Ahead - Webinar
In partnership with:
It’s the people
• Must combine tech with policy and
oversight with training
• Trust but verify
• It’s much safer (and cheaper) to identify
and remediate risky behaviours than recover
from a breach
• Real cyber security is holistic
Humans are creatures of habit. You can spot the
early warning signs with technology and reduce
the risk
17. One Step Ahead - Webinar
In partnership with:
Identify and Eliminate Insider Threats
18. One Step Ahead - Webinar
In partnership with:
Identify and Eliminate Insider Threats
Over 1,500 customers worldwide
19. One Step Ahead - Webinar
In partnership with:
Trust but Verify
• Make your employees advocates for risk
prevention against threats
• Insider threats put your organisation at risk
20. One Step Ahead - Webinar
In partnership with:
The benefits of
addressing the
INSIDER Threat
• A heightened awareness of security
throughout the organisation
• A steep decline in the number of
security incidents
• A reduction in the amount of time spent
detecting and investigating incidents
21. One Step Ahead - Webinar
In partnership with:
• Identification of critical users & systems
• Identification of rogue accounts & shared accounts
• Identification of sensitive file/ folder locations
Know your CRITICAL assets
Src: NIST Special Publication 800-61 Volume 2
22. One Step Ahead - Webinar
In partnership with:
Logs can be difficult to correlate and understand
Can YOU tell what happened here?
23. One Step Ahead - Webinar
In partnership with:
Visibility
• Unique ‘over-the-shoulder’ view of all employee, vendor
and consultant activity provides unmatched visibility
• Alerts are in plain English and easy to understand
• Investigations take minutes instead of days
…a video is worth 1,000 logs
27. One Step Ahead - Webinar
In partnership with:
Analytics
• Uncover and investigate risky user activity through
identification of anomalous behaviour
• Key logging alerts detect data exfiltration attempts when users
type protected keywords in emails, chat applications, social
media sites, and more
Dynamic
filters
User activity and working
hours over time
Total and average time
per day spent by user
Most used
applications
and websites
ACHIEVE greater insight with alerts and analytics
28. One Step Ahead - Webinar
In partnership with:
Increase VISIBILITY
with website categorisation
• Know when users visit un-allowed/out-of-policy websites, such as
o Adult sites, illegal streaming, Darknet, illegal drugs, workplace
violence, time wasting
• Know when users visit bad reputation sites to avoid:
o Phishing (block the user before disclosing any PII)
o Contamination (block before downloading malicious content)
Website
categories are
indicated in alerts
and reports for
greater visibility
into user
behaviour
29. One Step Ahead - Webinar
In partnership with:
Educate
EDUCATE - early and often
• Educate employees about policy violations in real time
• Offer constructive alternatives
• Provide communication medium for security policy
feedback and suggestions
30. One Step Ahead - Webinar
In partnership with:
Deter
• Warn users against proceeding with out-of-policy activities
• Notify users that policy violations will be recorded
and reviewed
• Reduce non-compliant actions by 80% by implementing
real-time warnings
Show warnings:
out-of-policy behaviour is
recorded & reviewed
DETER non-compliant actions with notifications
31. One Step Ahead - Webinar
In partnership with:
Changing employee BEHAVIOUR
reduces the risk of a security
breach by 45% to 70%
32. One Step Ahead - Webinar
In partnership with:
Prevent
• Direct enforcement of company policy
• Effective asset protection and damage control
• Optimise Security and IT processes by collecting user
feedback before the application is closed or user is logged-off
A Remote Vendor trying
to connect to a Server.
User is forced to Log Off
(with optional user-provided feedback).
Security analysts can quickly
spot a blocked user and easily
review feedback provided
by the user
PREVENT users from violating policies
33. One Step Ahead - Webinar
In partnership with:
SECURITY without compromising
employee privacy
34. One Step Ahead - Webinar
In partnership with:
Forrester Techradar ™ : endpoint security, Q1 2017
35. One Step Ahead - Webinar
In partnership with:
Time for your
questions
36. One Step Ahead - Webinar
In partnership with:
Thank you
For more information contact:
luisa.farmer@avatu.co.uk
phone: +44 1296 621121
37. One Step Ahead - Webinar
In partnership with:
In partnership with:
How cyber criminals exploit the
goodness of your employees
An FBI perspective