Managing Insider Risk



A presentation I gave to the July 2015 NED Forum on Managing Insider Risk using the Critical Pathway to Insider Risk. I've removed a product specific slide for public release.

Published in: Leadership & Management

  1. Managing Insider Risk. NED Forum, July 2015
  2. Proposed agenda: I. Stroz Friedberg; II. The Insider Challenge; III. How to Respond
  3. Stroz Friedberg (section title)
  4. Stroz Friedberg offers its clients trusted advice on understanding, improving and maintaining the cyber security of their organisations. Stroz Friedberg brings:
     • A distinctive blend of technology, legal and regulatory, investigative and advisory skills
     • An exceptional reputation for ethics and neutrality
     • Global reach capacity to handle multi-national projects
     • Unmatched experience in handling the most important, high-profile situations
     • Credibility with regulators and boards
     Service lines shown on the slide: SECURITY SCIENCE (Cyber Security Leadership: Identification, Protection, Evolution) and INCIDENT RESPONSE (Detection, Response, Recovery). Taglines on the slide: "World class response to digital trouble, and advice on how to prepare for cyber attacks" and "Leading experts on cyber defence: pragmatic, evidence-driven strategies and tactics that work".
  5. The Insider Challenge (section title)
  6. Insider Risks:
     • Workplace Violence
     • Espionage or IP Theft
     • Sabotage
     • Conspiracy
     • Attrition & Bad Leavers
     • Sexual Misconduct
     • Substance Abuse
     • Suicide & Mental Health
  7. Scope of Concern (diagram): a two-axis chart of Intention (Malicious, Accidental) against Organisation Boundary (External, Internal).
  8. Path to Insider Risk (diagram; labels in the order extracted): Personal Predispositions; Stressors; Interpersonal; Technical; Security; Financial; Personnel; Mental Health/Addiction; Social Network; Travel; Personal; Professional; Financial; Medical/Psychiatric Conditions; Personality or Social Skills Issues; Previous Rule Violations; Social Network Risks; Suspicious Travel; Concerning Behaviors; Maladaptive Organization Response; Plans; Recruitment; Insider Attack; Op Sec; Action; Economic Stress; Military Conflict; Political Conflict.
  9. Example insiders:
     • PFC Manning: Chelsea Elizabeth Manning (born Bradley Edward Manning) is a trans woman and former US Army soldier convicted in July 2013 after releasing one of the largest sets of classified documents ever leaked to the public.
     • Bruce Ivins: former senior biodefense researcher at the US Army Medical Research Institute of Infectious Diseases and the key suspect in the 2001 anthrax attacks.
     • Corporate IP Thief: corporate insider discovered stealing intellectual property during a client investigation.
     • Aldrich Ames: former Central Intelligence Agency analyst and counterintelligence officer. Convicted in 1994 after admitting espionage leading to the deaths of US sources and the compromise of many intelligence operations.
     • Online Stalker: anonymous online blackmailer outed and identified as a former employee during a client investigation.
     • Hassan Abu-Jihaad: born Paul R. Hall, former US Navy officer convicted of supporting terrorism in 2001 after disclosing the location of Navy ships and their weaknesses to an online Al-Qaeda forum while serving as a signalman on board the USS Benfold.
     • Greg Smith: in his March 2012 resignation letter, printed as an op-ed in The New York Times, the former head of Goldman Sachs' US equity derivatives business in Europe, the Middle East and Africa attacked GS and its leadership.
  10. Risk and the Critical Pathway (table):
     Critical pathway factor             | Manning                          | Ames                             | Ivins                                                        | Corporate IP thief
     Psychiatric disorders               | Gender identity                  | Alcoholism                       | Multiple psych issues including Dissociative Identity Disorder | Signs of depression
     Personality/social skills issues    | Yes                              | Yes                              | Yes                                                          | Signs of narcissistic personality disorder
     Previous violations                 | Juvenile delinquency             | Juvenile delinquency             | College vandalism, theft                                     | Unknown
     Social network risks                | Hackers                          | N/A                              | Family history of crime                                      | Family connection interferes with work loyalty
     Stressors                           | Personal, professional, financial | Personal, professional, financial | Personal, professional, financial                           | Marital, family, supervisor conflict, bad review, conflict with HR
     Concerning behaviors                | Multiple                         | Multiple                         | Multiple                                                     | Tardiness, missed meetings, circumventing supervisors, resigns
     Maladaptive organizational response | Multiple                         | Multiple                         | No comment                                                   | HR inquiry escalates risk
     Observed insider activity           | Hacker & press contacts          | Travel, spending                 | Lab violations                                               | Lies about resignation, downloads during "vacation"
  11. Responding to Insider Risk (section title)
  12. Controls and Mitigations:
     • Identify High-Risk Roles
     • Pre-Employment Screening
     • Non-Disclosure Agreements
     • Clear Published Policies
     • Leadership Behaviours
     • Confidential Staff Personal Support
     • Regular Awareness Training
     • Prompt & Consistent HR Responses
     • Data Classification
     • Data Labelling
     • Sensitive Project / Client Code Names
     • Physical Security (Badge Access)
     • Minimisation & Encryption of Data Stores
     • Password Quality Standards
     • Login Banners
     • Folder-level Permissions
     • Comprehensive Identity & Access Management
     • Privileged User Access Management
     • Regular audits of permissions and access rights
     • Minimised VPN Access
     • Data Leakage Prevention Tools
     • On-Going Screening
     • Exit Interviews
     • Whistle Blower Support
     • Accounting Procedures
     • Security Cameras
     • Extensive Logging
     • Network Security Monitoring
     • Behavioural Analytics
     • Psycho-Linguistic Analytics
     Further labels on the slide: Recruitment; Continuous Controls Monitoring.
  13. Technical Behavioural Indicators:
     • New Job Searches
     • Addictive Usage
     • Unusual Pattern of Life
     • AUP Breaches
     • Impossible Journeys
     • Failed Logons
     • Failed Badge Access
     • Large Volume Uploads
     • History Deletion
  14. strozfriedberg.com. THANK YOU. Phil Huggins, Vice President, phuggins@strozfriedberg.co.uk, +44 (0)207 061 2299
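The "Impossible Journeys" indicator from slide 13, worked through as a small detector over logon events. This is an added example, not code from the presentation or from Stroz Friedberg; the sample events, the 900 km/h threshold and the (user, timestamp, latitude, longitude) event shape are all assumptions.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

# Constructed sample logon events (not from the slides): alice makes a plausible
# London -> Manchester trip; bob "travels" London -> New York in 90 minutes.
EVENTS = [
    ("alice", "2015-07-01T08:00:00", 51.5074, -0.1278),   # London
    ("alice", "2015-07-01T13:00:00", 53.4808, -2.2426),   # Manchester, 5 h later
    ("bob",   "2015-07-01T09:00:00", 51.5074, -0.1278),   # London
    ("bob",   "2015-07-01T10:30:00", 40.7128, -74.0060),  # New York, 1.5 h later
]

# Assumed threshold: roughly airliner cruise speed; tune for the environment.
MAX_SPEED_KMH = 900.0


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points (decimal degrees), in km."""
    earth_radius_km = 6371.0
    dphi = radians(lat2 - lat1)
    dlmb = radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlmb / 2) ** 2
    return 2 * earth_radius_km * asin(sqrt(a))


def impossible_journeys(events, max_speed_kmh=MAX_SPEED_KMH):
    """Return (user, km, hours, km/h) for each pair of consecutive logons by the
    same user whose implied travel speed exceeds max_speed_kmh."""
    by_user = {}
    # ISO-8601 timestamps sort chronologically as strings.
    for user, ts, lat, lon in sorted(events, key=lambda e: (e[0], e[1])):
        by_user.setdefault(user, []).append((datetime.fromisoformat(ts), lat, lon))
    alerts = []
    for user, seq in by_user.items():
        for (t1, la1, lo1), (t2, la2, lo2) in zip(seq, seq[1:]):
            km = haversine_km(la1, lo1, la2, lo2)
            hours = (t2 - t1).total_seconds() / 3600.0
            if hours > 0:
                speed = km / hours
            else:
                # Same-second events: impossible only if the locations differ.
                speed = float("inf") if km > 0 else 0.0
            if speed > max_speed_kmh:
                alerts.append((user, round(km), round(hours, 2), round(speed)))
    return alerts


if __name__ == "__main__":
    for alert in impossible_journeys(EVENTS):
        print("impossible journey:", alert)
```

Real deployments would feed this from VPN, badge or identity-provider logs after geolocating source addresses, which is where most false positives (VPN egress points, mobile carrier NAT) come from.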
