SlideShare a Scribd company logo

Cyber Summit 2016: Insider Threat Indicators: Human Behaviour

Download as PPT, PDF
Cybera Inc.
Cybera Inc.

Serious threats to private and governmental organizations do not only come from the outside world, but also come from within. Some employees and contractors with legitimate access to buildings, networks, assets and information deliberately misuse their priviledged access to cause harm to their organization. What are the reasons behind their actions? Is it debts, greed, ideology, disgruntlement, or divided loyalty? Regardless of their motivations or vulnerabilities, traitors have very similar types of personality and display a certain pattern of behaviours before committing an insider incident. As a prevention measure, it is vital that organizations and employees understand, recognize and detect the common indicators of insider threat. Would you recognize the signs? Mario Vachon is an Insider Threat Security Specialist with the RCMP Departmental Security Branch.

Technology
1 of 13
Insider ThreatInsider Threat «HUMAN«HUMAN BEHAVIOUR»BEHAVIOUR»Sgt. Mario Vachon, M.Sc. Insider Threat Security Specialist RCMP Departmental Security Branch Cybera Cyber Summit Using Technology Responsibly Banff, Alberta October 27, 2016
A National Strategy Built Upon Four PillarsA National Strategy Built Upon Four Pillars «Building a Culture of Security»«Building a Culture of Security» Protected B
“The thief who is the hardest to detect and who can cause the most damage is the insider. It is the employee with legitimate access” US Federal Bureau of Investigation (FBI) “Who has the most knowledge about your organization, its vulnerabilities and the value of its information? Those inside or outside? Clearly employees are well placed to compromise your data” Dr. S. Kabilan, Conf. Board of Canada A Trusted EmployeeA Trusted Employee
Percentage by User Group 55 46 43 35 28 Figure 1: The Largest Risk to an Organization Insider Threat Who Poses the Biggest Threat? 55 46 43 28 35 25 2015 Vormetric Insider Threat Report Privileged Users Contractors / Service Providers Business Partners Ordinary Employees Executive Management Other IT Staff From Left: Edward Snowden, Chelsea Manning & Jeffrey Delisle
Insider Threat Understanding the Traitor / Mole / Spy • They changed over time • Almost all were trustworthy and loyal when first given a security clearance (security screened, interviewed, polygraphed) • Majority volunteered their services to a foreign government. They were not enticed, persuaded, manipulated or coerced 70%70% •Mostly male, 30 to 50 years old •Middle management •Emotional, personal crisis •Unhappy  •Work frustrations 30%30% •Mostly male, 20 to 26 years old •Entry to low management •Immature, impulsive, •Unhappy  •Ideological view, whistle-blower The usual suspects are …
Insider Threat The Usual Suspects … with access to facilities and networks … with access to sensitive information and ideological views, marital, financial difficulties and/or substance abuse … with privileged access 80% vs 20%
Detection of Risk Indicators 2016 - Sgt. Mario Vachon, M.Sc. RCMP Insider Threat Security Specialist Insider Threat Pathway to Commit an Insider Attack 1. Personality Disorders 2. Stressors 3. Concerning Behaviours Intention Volition
Insider Threat Antisocials Psychopaths Opportunists 1. Personality Disorders / Predispositions Narcissists
2. Stressors • Financial Pressure / Poor Financial Responsibility /Greed • Life Crisis Personal / Marital / Family / Death / Illness • Work Issues Frustration / Cynicism / Vengeance / Grudge / Injustice Spite / Disgruntlement / Conflict / Disappointment • Legal Issues Administrative / Civil / Criminal Insider Threat
3. Concerning Behaviours • Personal Conduct Immature / Violence / Immoral / Bias / Retaliatory / Deviant / Dishonest / Lack of Integrity / Manipulative / Impulsive / Poor Judgment / Security & IT Policy Violations • Divided Loyalty Political / Country / Association / Social Network / Employer • Ideological Radicalization / Religion / Terrorism / Beliefs • Egotistical / Entitlement • Exploitable / Vulnerable Lifestyle Alcohol / Drug / Gambling / Sexual Paraphilia Insider Threat
UK Insider Threat Study 5 Types of Insider Activities5 Types of Insider Activities Insider Threat 2013 CPNI Insider Data Collection Study Centre for the Protection of National Infrastructure Unauthorized Disclosures Corruption Facilitation of Third Party Access Physical Sabotage IT Sabotage / HackingIT Sabotage / Hacking Male Age 60% committed by employees with less than xx years of service 82% 31 - 45 Permanent Employees 88% > 5 years Primary MotivationPrimary Motivation 20% 47% 14% 14% Financial Ideology Recognition / Ego Loyalty Self-Initiated 76% Female 18%
Insider Threat Can you find the Insider? Photo by: Don Tudd Topsy Farms, Ontario
Sgt. Mario Vachon, M.Sc. Insider Threat Security Specialist Departmental Security Branch Royal Canadian Mounted Police (613) 843-5557 mario.vachon@rcmp-grc.gc.ca «Detection of Risk is useless without Resolution of Doubt»«Detection of Risk is useless without Resolution of Doubt»

Recommended

Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat Detection
ObserveIT
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
David Mai, MBA
 
How to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramHow to Implement an Insider Threat Program
How to Implement an Insider Threat Program
ObserveIT
 
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsPhish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
ObserveIT
 
Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?
ObserveIT
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
ObserveIT
 
Insider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and ProtectionInsider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and Protection
ObserveIT
 

Recommended

Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat Detection
ObserveIT
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
David Mai, MBA
 
How to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramHow to Implement an Insider Threat Program
How to Implement an Insider Threat Program
ObserveIT
 
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsPhish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
ObserveIT
 
Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?
ObserveIT
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
ObserveIT
 
Insider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and ProtectionInsider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and Protection
ObserveIT
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
Eric Schiowitz
 
ObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity Management
ObserveIT
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
PECB
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
Lancope, Inc.
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
Mekhi Da ‘Quay Daniels
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
zhihaochen
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider Threats
Lancope, Inc.
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasures
KAMRAN KHALID
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider Threat
Imperva
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider Threat
Murray Security Services
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
Zivaro Inc
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3Lancope, Inc.
 
Insider threat
Insider threatInsider threat
Insider threat
ARCON TECHSOLUTIONS
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
Tarun Gupta,CRISC CISSP CISM CISA BCCE
 
Integrated cyber defense
Integrated cyber defenseIntegrated cyber defense
Integrated cyber defense
kajal kumari
 
Malicious Insiders
Malicious InsidersMalicious Insiders
Malicious Insiders
gjohansen
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
AlienVault
 
10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks
Heimdal Security
 
Prevent Insider Threats with User Activity Monitoring
Prevent Insider Threats with User Activity MonitoringPrevent Insider Threats with User Activity Monitoring
Prevent Insider Threats with User Activity Monitoring
ObserveIT
 
Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
ZakiAhmed70
 
2014-11-04 Fraud Risk Assessment - The Human Element
2014-11-04 Fraud Risk Assessment - The Human Element2014-11-04 Fraud Risk Assessment - The Human Element
2014-11-04 Fraud Risk Assessment - The Human ElementRaffa Learning Community
 

More Related Content

What's hot

Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
Eric Schiowitz
 
ObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity Management
ObserveIT
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
PECB
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
Lancope, Inc.
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
Mekhi Da ‘Quay Daniels
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
zhihaochen
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider Threats
Lancope, Inc.
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasures
KAMRAN KHALID
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider Threat
Imperva
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider Threat
Murray Security Services
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
Zivaro Inc
 
Insider threat
Insider threatInsider threat
Insider threat
ARCON TECHSOLUTIONS
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
Tarun Gupta,CRISC CISSP CISM CISA BCCE
 
Integrated cyber defense
Integrated cyber defenseIntegrated cyber defense
Integrated cyber defense
kajal kumari
 
Malicious Insiders
Malicious InsidersMalicious Insiders
Malicious Insiders
gjohansen
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
AlienVault
 
10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks
Heimdal Security
 
Prevent Insider Threats with User Activity Monitoring
Prevent Insider Threats with User Activity MonitoringPrevent Insider Threats with User Activity Monitoring
Prevent Insider Threats with User Activity Monitoring
ObserveIT
 

What's hot (20)

Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
ObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity Management
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-Threat
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider Threats
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasures
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider Threat
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider Threat
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
 
Insider threat
Insider threatInsider threat
Insider threat
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
 
Integrated cyber defense
Integrated cyber defenseIntegrated cyber defense
Integrated cyber defense
 
Malicious Insiders
Malicious InsidersMalicious Insiders
Malicious Insiders
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
 
10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks10 Critical Corporate Cyber Security Risks
10 Critical Corporate Cyber Security Risks
 
Prevent Insider Threats with User Activity Monitoring
Prevent Insider Threats with User Activity MonitoringPrevent Insider Threats with User Activity Monitoring
Prevent Insider Threats with User Activity Monitoring
 

Similar to Cyber Summit 2016: Insider Threat Indicators: Human Behaviour

Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
ZakiAhmed70
 
2014-11-04 Fraud Risk Assessment - The Human Element
2014-11-04 Fraud Risk Assessment - The Human Element2014-11-04 Fraud Risk Assessment - The Human Element
2014-11-04 Fraud Risk Assessment - The Human ElementRaffa Learning Community
 
Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0Jason Smith
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and Communication
Stephen Cobb
 
Social Networks And Phishing
Social Networks And PhishingSocial Networks And Phishing
Social Networks And Phishing
ecarrow
 
Insider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdfInsider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdf
ramsetl
 
Radicalization in the Workplace
Radicalization in the WorkplaceRadicalization in the Workplace
Radicalization in the Workplace
Hillard Heintze
 
Journal+Feature-InsiderThreat
Journal+Feature-InsiderThreatJournal+Feature-InsiderThreat
Journal+Feature-InsiderThreatAnthony Buenger
 
ASIS NYC InT Presentation
ASIS NYC InT PresentationASIS NYC InT Presentation
ASIS NYC InT PresentationDaniel McGarvey
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
Navigating Workplace Violence - A Managers Guide
Navigating Workplace Violence - A Managers GuideNavigating Workplace Violence - A Managers Guide
Navigating Workplace Violence - A Managers Guide
Tom Huskerson
 
The Insider Threat January.pptx
The Insider Threat January.pptxThe Insider Threat January.pptx
The Insider Threat January.pptx
BertrandRussell6
 
Cyber Security Briefing Asis Nyc 10 18 12
Cyber Security Briefing Asis Nyc 10 18 12Cyber Security Briefing Asis Nyc 10 18 12
Cyber Security Briefing Asis Nyc 10 18 12
David Kondrup
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political Breaches
John Bambenek
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
SecurityStudio
 
Windstream Cloud Security Checklist
Windstream Cloud Security Checklist Windstream Cloud Security Checklist
Windstream Cloud Security Checklist
Ideba
 
Insider threats
Insider threatsInsider threats
Insider threats
izoologic
 
Threat Finance – How financial institutions and governments can choke off fin...
Threat Finance – How financial institutions and governments can choke off fin...Threat Finance – How financial institutions and governments can choke off fin...
Threat Finance – How financial institutions and governments can choke off fin...emermell
 
Workplace Violence - Your Recieved a Threat, Should You Worry
Workplace Violence - Your Recieved a Threat, Should You WorryWorkplace Violence - Your Recieved a Threat, Should You Worry
Workplace Violence - Your Recieved a Threat, Should You WorryMichael Julian, CPI PPS CSP
 
Managing Social Media Risks
Managing Social Media RisksManaging Social Media Risks
Managing Social Media Risks
Croydon Consulting, LLC
 

Similar to Cyber Summit 2016: Insider Threat Indicators: Human Behaviour (20)

Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
 
2014-11-04 Fraud Risk Assessment - The Human Element
2014-11-04 Fraud Risk Assessment - The Human Element2014-11-04 Fraud Risk Assessment - The Human Element
2014-11-04 Fraud Risk Assessment - The Human Element
 
Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and Communication
 
Social Networks And Phishing
Social Networks And PhishingSocial Networks And Phishing
Social Networks And Phishing
 
Insider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdfInsider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdf
 
Radicalization in the Workplace
Radicalization in the WorkplaceRadicalization in the Workplace
Radicalization in the Workplace
 
Journal+Feature-InsiderThreat
Journal+Feature-InsiderThreatJournal+Feature-InsiderThreat
Journal+Feature-InsiderThreat
 
ASIS NYC InT Presentation
ASIS NYC InT PresentationASIS NYC InT Presentation
ASIS NYC InT Presentation
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
 
Navigating Workplace Violence - A Managers Guide
Navigating Workplace Violence - A Managers GuideNavigating Workplace Violence - A Managers Guide
Navigating Workplace Violence - A Managers Guide
 
The Insider Threat January.pptx
The Insider Threat January.pptxThe Insider Threat January.pptx
The Insider Threat January.pptx
 
Cyber Security Briefing Asis Nyc 10 18 12
Cyber Security Briefing Asis Nyc 10 18 12Cyber Security Briefing Asis Nyc 10 18 12
Cyber Security Briefing Asis Nyc 10 18 12
 
SANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political BreachesSANSFIRE - Elections, Deceptions and Political Breaches
SANSFIRE - Elections, Deceptions and Political Breaches
 
WANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language ProblemWANTED – People Committed to Solving our Information Security Language Problem
WANTED – People Committed to Solving our Information Security Language Problem
 
Windstream Cloud Security Checklist
Windstream Cloud Security Checklist Windstream Cloud Security Checklist
Windstream Cloud Security Checklist
 
Insider threats
Insider threatsInsider threats
Insider threats
 
Threat Finance – How financial institutions and governments can choke off fin...
Threat Finance – How financial institutions and governments can choke off fin...Threat Finance – How financial institutions and governments can choke off fin...
Threat Finance – How financial institutions and governments can choke off fin...
 
Workplace Violence - Your Recieved a Threat, Should You Worry
Workplace Violence - Your Recieved a Threat, Should You WorryWorkplace Violence - Your Recieved a Threat, Should You Worry
Workplace Violence - Your Recieved a Threat, Should You Worry
 
Managing Social Media Risks
Managing Social Media RisksManaging Social Media Risks
Managing Social Media Risks
 

More from Cybera Inc.

Cyber Summit 2016: Technology, Education, and Democracy
Cyber Summit 2016: Technology, Education, and DemocracyCyber Summit 2016: Technology, Education, and Democracy
Cyber Summit 2016: Technology, Education, and Democracy
Cybera Inc.
 
Cyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cyber Summit 2016: Understanding Users' (In)Secure BehaviourCyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cybera Inc.
 
Cyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cyber Summit 2016: Research Data and the Canadian Innovation ChallengeCyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cybera Inc.
 
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big DataCyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cybera Inc.
 
Cyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cyber Summit 2016: Privacy Issues in Big Data Sharing and ReuseCyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cybera Inc.
 
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cybera Inc.
 
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cybera Inc.
 
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing DataCyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cybera Inc.
 
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cybera Inc.
 
Privacy, Security & Access to Data
Privacy, Security & Access to DataPrivacy, Security & Access to Data
Privacy, Security & Access to Data
Cybera Inc.
 
Do Universities Dream of Big Data
Do Universities Dream of Big DataDo Universities Dream of Big Data
Do Universities Dream of Big Data
Cybera Inc.
 
Predicting the Future With Microsoft Bing
Predicting the Future With Microsoft BingPredicting the Future With Microsoft Bing
Predicting the Future With Microsoft Bing
Cybera Inc.
 
Analytics 101: How to not fail at analytics
Analytics 101: How to not fail at analyticsAnalytics 101: How to not fail at analytics
Analytics 101: How to not fail at analytics
Cybera Inc.
 
Are MOOC's past their peak?
Are MOOC's past their peak?Are MOOC's past their peak?
Are MOOC's past their peak?
Cybera Inc.
 
Opening the doors of the laboratory
Opening the doors of the laboratoryOpening the doors of the laboratory
Opening the doors of the laboratory
Cybera Inc.
 
Open City - Edmonton
Open City - EdmontonOpen City - Edmonton
Open City - Edmonton
Cybera Inc.
 
Unlocking the power of healthcare data
Unlocking the power of healthcare dataUnlocking the power of healthcare data
Unlocking the power of healthcare data
Cybera Inc.
 
Checking in on Healthcare Data Analytics
Checking in on Healthcare Data AnalyticsChecking in on Healthcare Data Analytics
Checking in on Healthcare Data Analytics
Cybera Inc.
 
Open access and open data: international trends and strategic context
Open access and open data: international trends and strategic contextOpen access and open data: international trends and strategic context
Open access and open data: international trends and strategic context
Cybera Inc.
 
I didn't know i was a geomatics company
I didn't know i was a geomatics companyI didn't know i was a geomatics company
I didn't know i was a geomatics company
Cybera Inc.
 

More from Cybera Inc. (20)

Cyber Summit 2016: Technology, Education, and Democracy
Cyber Summit 2016: Technology, Education, and DemocracyCyber Summit 2016: Technology, Education, and Democracy
Cyber Summit 2016: Technology, Education, and Democracy
 
Cyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cyber Summit 2016: Understanding Users' (In)Secure BehaviourCyber Summit 2016: Understanding Users' (In)Secure Behaviour
Cyber Summit 2016: Understanding Users' (In)Secure Behaviour
 
Cyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cyber Summit 2016: Research Data and the Canadian Innovation ChallengeCyber Summit 2016: Research Data and the Canadian Innovation Challenge
Cyber Summit 2016: Research Data and the Canadian Innovation Challenge
 
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big DataCyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big Data
 
Cyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cyber Summit 2016: Privacy Issues in Big Data Sharing and ReuseCyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
Cyber Summit 2016: Privacy Issues in Big Data Sharing and Reuse
 
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...
 
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...
 
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing DataCyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing Data
 
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...
 
Privacy, Security & Access to Data
Privacy, Security & Access to DataPrivacy, Security & Access to Data
Privacy, Security & Access to Data
 
Do Universities Dream of Big Data
Do Universities Dream of Big DataDo Universities Dream of Big Data
Do Universities Dream of Big Data
 
Predicting the Future With Microsoft Bing
Predicting the Future With Microsoft BingPredicting the Future With Microsoft Bing
Predicting the Future With Microsoft Bing
 
Analytics 101: How to not fail at analytics
Analytics 101: How to not fail at analyticsAnalytics 101: How to not fail at analytics
Analytics 101: How to not fail at analytics
 
Are MOOC's past their peak?
Are MOOC's past their peak?Are MOOC's past their peak?
Are MOOC's past their peak?
 
Opening the doors of the laboratory
Opening the doors of the laboratoryOpening the doors of the laboratory
Opening the doors of the laboratory
 
Open City - Edmonton
Open City - EdmontonOpen City - Edmonton
Open City - Edmonton
 
Unlocking the power of healthcare data
Unlocking the power of healthcare dataUnlocking the power of healthcare data
Unlocking the power of healthcare data
 
Checking in on Healthcare Data Analytics
Checking in on Healthcare Data AnalyticsChecking in on Healthcare Data Analytics
Checking in on Healthcare Data Analytics
 
Open access and open data: international trends and strategic context
Open access and open data: international trends and strategic contextOpen access and open data: international trends and strategic context
Open access and open data: international trends and strategic context
 
I didn't know i was a geomatics company
I didn't know i was a geomatics companyI didn't know i was a geomatics company
I didn't know i was a geomatics company
 

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Globus
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
UiPathCommunity
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 

Cyber Summit 2016: Insider Threat Indicators: Human Behaviour

  • 1. Insider ThreatInsider Threat «HUMAN«HUMAN BEHAVIOUR»BEHAVIOUR»Sgt. Mario Vachon, M.Sc. Insider Threat Security Specialist RCMP Departmental Security Branch Cybera Cyber Summit Using Technology Responsibly Banff, Alberta October 27, 2016
  • 2. A National Strategy Built Upon Four PillarsA National Strategy Built Upon Four Pillars «Building a Culture of Security»«Building a Culture of Security» Protected B
  • 3. “The thief who is the hardest to detect and who can cause the most damage is the insider. It is the employee with legitimate access” US Federal Bureau of Investigation (FBI) “Who has the most knowledge about your organization, its vulnerabilities and the value of its information? Those inside or outside? Clearly employees are well placed to compromise your data” Dr. S. Kabilan, Conf. Board of Canada A Trusted EmployeeA Trusted Employee
  • 4. Percentage by User Group 55 46 43 35 28 Figure 1: The Largest Risk to an Organization Insider Threat Who Poses the Biggest Threat? 55 46 43 28 35 25 2015 Vormetric Insider Threat Report Privileged Users Contractors / Service Providers Business Partners Ordinary Employees Executive Management Other IT Staff From Left: Edward Snowden, Chelsea Manning & Jeffrey Delisle
  • 5. Insider Threat Understanding the Traitor / Mole / Spy • They changed over time • Almost all were trustworthy and loyal when first given a security clearance (security screened, interviewed, polygraphed) • Majority volunteered their services to a foreign government. They were not enticed, persuaded, manipulated or coerced 70%70% •Mostly male, 30 to 50 years old •Middle management •Emotional, personal crisis •Unhappy  •Work frustrations 30%30% •Mostly male, 20 to 26 years old •Entry to low management •Immature, impulsive, •Unhappy  •Ideological view, whistle-blower The usual suspects are …
  • 6. Insider Threat The Usual Suspects … with access to facilities and networks … with access to sensitive information and ideological views, marital, financial difficulties and/or substance abuse … with privileged access 80% vs 20%
  • 7. Detection of Risk Indicators 2016 - Sgt. Mario Vachon, M.Sc. RCMP Insider Threat Security Specialist Insider Threat Pathway to Commit an Insider Attack 1. Personality Disorders 2. Stressors 3. Concerning Behaviours Intention Volition
  • 9. 2. Stressors • Financial Pressure / Poor Financial Responsibility /Greed • Life Crisis Personal / Marital / Family / Death / Illness • Work Issues Frustration / Cynicism / Vengeance / Grudge / Injustice Spite / Disgruntlement / Conflict / Disappointment • Legal Issues Administrative / Civil / Criminal Insider Threat
  • 10. 3. Concerning Behaviours • Personal Conduct Immature / Violence / Immoral / Bias / Retaliatory / Deviant / Dishonest / Lack of Integrity / Manipulative / Impulsive / Poor Judgment / Security & IT Policy Violations • Divided Loyalty Political / Country / Association / Social Network / Employer • Ideological Radicalization / Religion / Terrorism / Beliefs • Egotistical / Entitlement • Exploitable / Vulnerable Lifestyle Alcohol / Drug / Gambling / Sexual Paraphilia Insider Threat
  • 11. UK Insider Threat Study 5 Types of Insider Activities5 Types of Insider Activities Insider Threat 2013 CPNI Insider Data Collection Study Centre for the Protection of National Infrastructure Unauthorized Disclosures Corruption Facilitation of Third Party Access Physical Sabotage IT Sabotage / HackingIT Sabotage / Hacking Male Age 60% committed by employees with less than xx years of service 82% 31 - 45 Permanent Employees 88% > 5 years Primary MotivationPrimary Motivation 20% 47% 14% 14% Financial Ideology Recognition / Ego Loyalty Self-Initiated 76% Female 18%
  • 12. Insider Threat Can you find the Insider? Photo by: Don Tudd Topsy Farms, Ontario
  • 13. Sgt. Mario Vachon, M.Sc. Insider Threat Security Specialist Departmental Security Branch Royal Canadian Mounted Police (613) 843-5557 mario.vachon@rcmp-grc.gc.ca «Detection of Risk is useless without Resolution of Doubt»«Detection of Risk is useless without Resolution of Doubt»