KS
Uploaded byKashif Semple
PPTX, PDF758 views

Insider Threat Final Powerpoint Prezi

The document outlines a risk assessment of various assets including software, databases, hardware, networks, and human factors. It identifies inherent risks and residual risks after compensating controls. It then discusses plans to contain incidents, communicate to stakeholders, address risks through technical and third party means, and revamp employee training. It also outlines current and enhanced network topologies. Finally, it describes a cybersecurity framework taking a "Identify-Protect-Detect-Respond-Recover" approach.

Embed presentation

Downloaded 17 times
• STAKEHOLDERS • Internal • External • RISK ASSESSMENT Assets Probability (P) Impact (I) Inherent Risk = P x I Compensating Controls Residual Risk Software Medium High High • Patch Management • White Listing Medium Databases Medium High High • Encryption Medium Hardware Low Medium Medium • Blocking External Devices Low Network Medium Medium Medium • Monitoring Low Human Factor Medium High High • Training & Awareness • Reporting Structure • Anti-Retaliation Policy • Open-Door Policy Medium Access Control Medium High High • Least User Privileges Medium
• Patch Management • Whitelisting • Removal of RDP • Hardware-based Firewalls • Two-step authentication • Awareness • Training
• Background Checks/Ongoing Employee Screening • Cyber Vetting • Monitoring user activity • Unauthorized use of personal devices • Security Information and Event Management • Policies on Confidential Reporting • Anti-retaliation Policy • Open-door Policy
Plan and Protect • Create an Incident Response Team Containing the Incident • Isolate affected files or networks • Backup files on servers and hard drives • Remove access upon termination Communication to Stakeholders • Internal Stakeholders • Business Operations • Oversight • Board of Directors • External Stakeholders • Law Enforcement • Regulatory Agencies
Technical Aspect: • Encryption • New Intrusion Prevention Systems • Anti-malware tools Third Party Involvement: • Legal and Insurance Assessments • Notifications of Incidents to: • S&E, FTC, FBI Behavioral: • Revamped Employee Training Modules Press Involvement: • Press Statements • Maintains the integrity of the company Looking Towards The Future!
Current Topology Enhanced Topology • Eliminates Path to E-trading System • Redundancy • Smaller subsets allow for easy management
Identify Place: • Red-Amber-Green Protect Street: • Hardware • Software • Employee Behavior Protection Detect Square: • Screening Process • Flagging Respond Park: • Incident Response Plan Recover Blvd: • Reassessment
Insider Threat Final Powerpoint Prezi

More Related Content

PPTX
Insider threat v3
byLancope, Inc.
 
PPTX
Insider threat kill chain
byTarun Gupta,CRISC CISSP CISM CISA BCCE
 
PDF
Ht t17
bySelectedPresentations
 
PPTX
Insider Threat Solution from GTRI
byZivaro Inc
 
PDF
Identify and Stop Insider Threats
byLancope, Inc.
 
PDF
5 Signs you have an Insider Threat
byLancope, Inc.
 
PDF
Detecting-Preventing-Insider-Threat
byMike Saunders
 
PPSX
Insider threats and countermeasures
byKAMRAN KHALID
 
Insider threat v3
byLancope, Inc.
 
Insider threat kill chain
byTarun Gupta,CRISC CISSP CISM CISA BCCE
 
Ht t17
bySelectedPresentations
 
Insider Threat Solution from GTRI
byZivaro Inc
 
Identify and Stop Insider Threats
byLancope, Inc.
 
5 Signs you have an Insider Threat
byLancope, Inc.
 
Detecting-Preventing-Insider-Threat
byMike Saunders
 
Insider threats and countermeasures
byKAMRAN KHALID
 

What's hot

PDF
The Accidental Insider Threat
byMurray Security Services
 
PPTX
Insider Threat
byAndy Thompson
 
PDF
How to Build an Insider Threat Program in 30 Minutes
byObserveIT
 
PDF
Proactive Measures to Defeat Insider Threat
byAndrew Case
 
PPTX
Insider Threat Summit - The Future of Insider Threat Detection
byObserveIT
 
PDF
Internal Threats: The New Sources of Attack
byMekhi Da ‘Quay Daniels
 
PPTX
How to Build a Successful Incident Response Program
byResilient Systems
 
PPTX
Unintentional Insider Threat featuring Dr. Eric Cole
byDavid Mai, MBA
 
PPTX
Recover your files from Ransomware - Ransomware Incident Response by Tictac
byTicTac Data Recovery
 
PDF
Part 1: Identifying Insider Threats with Fidelis EDR Technology
byFidelis Cybersecurity
 
PDF
Chapter 15 incident handling
bynewbie2019
 
PPTX
Cyber Risk in e-Discovery: What You Need to Know
bykCura_Relativity
 
PPTX
Tsc2021 cyber-issues
byErnest Staats
 
PPTX
Data Security: Why You Need Data Loss Prevention & How to Justify It
byMarc Crudgington, MBA
 
PDF
Data Security in Healthcare
byQuick Heal Technologies Ltd.
 
PDF
Slide Deck CISSP Class Session 2
byFRSecure
 
PDF
CISSP-WEB
byMEHMET FATIH YALDIZ
 
PPTX
Information security trends and steps for (OSAC) Middle East divsion
byErnest Staats
 
PPT
Latihan6 comp-forensic-bab5
bysabtolinux
 
PPTX
Vapt life cycle
bypenetration Tester
 
The Accidental Insider Threat
byMurray Security Services
 
Insider Threat
byAndy Thompson
 
How to Build an Insider Threat Program in 30 Minutes
byObserveIT
 
Proactive Measures to Defeat Insider Threat
byAndrew Case
 
Insider Threat Summit - The Future of Insider Threat Detection
byObserveIT
 
Internal Threats: The New Sources of Attack
byMekhi Da ‘Quay Daniels
 
How to Build a Successful Incident Response Program
byResilient Systems
 
Unintentional Insider Threat featuring Dr. Eric Cole
byDavid Mai, MBA
 
Recover your files from Ransomware - Ransomware Incident Response by Tictac
byTicTac Data Recovery
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
byFidelis Cybersecurity
 
Chapter 15 incident handling
bynewbie2019
 
Cyber Risk in e-Discovery: What You Need to Know
bykCura_Relativity
 
Tsc2021 cyber-issues
byErnest Staats
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
byMarc Crudgington, MBA
 
Data Security in Healthcare
byQuick Heal Technologies Ltd.
 
Slide Deck CISSP Class Session 2
byFRSecure
 
CISSP-WEB
byMEHMET FATIH YALDIZ
 
Information security trends and steps for (OSAC) Middle East divsion
byErnest Staats
 
Latihan6 comp-forensic-bab5
bysabtolinux
 
Vapt life cycle
bypenetration Tester
 

Viewers also liked

PDF
Insider Threat Detection Recommendations
byAlienVault
 
PPT
Malicious Insiders
bygjohansen
 
PPTX
Multimedia Privacy
bySymeon Papadopoulos
 
PPTX
Insider threat event presentation
byIISPEastMids
 
PDF
Insider threat
byARCON TECHSOLUTIONS
 
PDF
Insider Threats Webinar Final_Tyco
byMatt Frowert
 
PPTX
Snowden slides
byDavid West
 
Insider Threat Detection Recommendations
byAlienVault
 
Malicious Insiders
bygjohansen
 
Multimedia Privacy
bySymeon Papadopoulos
 
Insider threat event presentation
byIISPEastMids
 
Insider threat
byARCON TECHSOLUTIONS
 
Insider Threats Webinar Final_Tyco
byMatt Frowert
 
Snowden slides
byDavid West
 

Similar to Insider Threat Final Powerpoint Prezi

PPTX
Cybersecurity Frameworks and You: The Perfect Match
byMcKonly & Asbury, LLP
 
PDF
Cyber Security Risk Mitigation Checklist
bytimsnp
 
PPTX
Risk Presentation
byKathy_67
 
PPTX
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
byJohn D. Johnson
 
PDF
Dr.M.Florence Dayana - Risk Management.pdf
byDr.Florence Dayana
 
PDF
Information Security Planning and Risk Analysis
byabacusgtuc
 
PPTX
Information Security and Risk Management.pptx
byprembasnet12
 
PPT
Risk Assessment And Management
byvikasraina
 
PPTX
Stay Ahead of Threats with Advanced Security Protection - Fortinet
byMarcoTechnologies
 
PPTX
Information Security Risk Management and Compliance.pptx
byAbraraw Zerfu
 
PDF
Threat Based Risk Assessment
byMichael Lines
 
PDF
MT 70 The New Era of Incident Response Planning
byDell EMC World
 
PPTX
Physical Security Assessment
byFaheem Ul Hasan
 
PDF
Cervone uof t - nist framework (1)
byStephen Abram
 
PPT
RiskWatch for Physical & Homeland Security™
byCPaschal
 
PDF
2023 ITM Short Course - Week 1.pdf
byDorcusSitali
 
PDF
NIST critical_infrastructure_cybersecurity.pdf
byssuserb3094b
 
PDF
Lightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
byjbasney
 
PDF
Cybersecurity risk assessments help organizations identify.pdf
byTheWalkerGroup1
 
PDF
Week-3_Lecture-1.pdfaaaaaaaaaaaaaaaaaaaaaa
byAmirMohamedNabilSale
 
Cybersecurity Frameworks and You: The Perfect Match
byMcKonly & Asbury, LLP
 
Cyber Security Risk Mitigation Checklist
bytimsnp
 
Risk Presentation
byKathy_67
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
byJohn D. Johnson
 
Dr.M.Florence Dayana - Risk Management.pdf
byDr.Florence Dayana
 
Information Security Planning and Risk Analysis
byabacusgtuc
 
Information Security and Risk Management.pptx
byprembasnet12
 
Risk Assessment And Management
byvikasraina
 
Stay Ahead of Threats with Advanced Security Protection - Fortinet
byMarcoTechnologies
 
Information Security Risk Management and Compliance.pptx
byAbraraw Zerfu
 
Threat Based Risk Assessment
byMichael Lines
 
MT 70 The New Era of Incident Response Planning
byDell EMC World
 
Physical Security Assessment
byFaheem Ul Hasan
 
Cervone uof t - nist framework (1)
byStephen Abram
 
RiskWatch for Physical & Homeland Security™
byCPaschal
 
2023 ITM Short Course - Week 1.pdf
byDorcusSitali
 
NIST critical_infrastructure_cybersecurity.pdf
byssuserb3094b
 
Lightweight Cybersecurity Risk Assessment Tools for Cyberinfrastructure
byjbasney
 
Cybersecurity risk assessments help organizations identify.pdf
byTheWalkerGroup1
 
Week-3_Lecture-1.pdfaaaaaaaaaaaaaaaaaaaaaa
byAmirMohamedNabilSale
 

Insider Threat Final Powerpoint Prezi

  • 4.
    • STAKEHOLDERS • Internal •External • RISK ASSESSMENT Assets Probability (P) Impact (I) Inherent Risk = P x I Compensating Controls Residual Risk Software Medium High High • Patch Management • White Listing Medium Databases Medium High High • Encryption Medium Hardware Low Medium Medium • Blocking External Devices Low Network Medium Medium Medium • Monitoring Low Human Factor Medium High High • Training & Awareness • Reporting Structure • Anti-Retaliation Policy • Open-Door Policy Medium Access Control Medium High High • Least User Privileges Medium
  • 5.
    • Patch Management • Whitelisting •Removal of RDP • Hardware-based Firewalls • Two-step authentication • Awareness • Training
  • 6.
    • Background Checks/OngoingEmployee Screening • Cyber Vetting • Monitoring user activity • Unauthorized use of personal devices • Security Information and Event Management • Policies on Confidential Reporting • Anti-retaliation Policy • Open-door Policy
  • 7.
    Plan and Protect •Create an Incident Response Team Containing the Incident • Isolate affected files or networks • Backup files on servers and hard drives • Remove access upon termination Communication to Stakeholders • Internal Stakeholders • Business Operations • Oversight • Board of Directors • External Stakeholders • Law Enforcement • Regulatory Agencies
  • 8.
    Technical Aspect: • Encryption •New Intrusion Prevention Systems • Anti-malware tools Third Party Involvement: • Legal and Insurance Assessments • Notifications of Incidents to: • S&E, FTC, FBI Behavioral: • Revamped Employee Training Modules Press Involvement: • Press Statements • Maintains the integrity of the company Looking Towards The Future!
  • 9.
    Current Topology Enhanced Topology •Eliminates Path to E-trading System • Redundancy • Smaller subsets allow for easy management
  • 10.
    Identify Place: • Red-Amber-Green ProtectStreet: • Hardware • Software • Employee Behavior Protection Detect Square: • Screening Process • Flagging Respond Park: • Incident Response Plan Recover Blvd: • Reassessment