Top Banner
© Big Sky Associates, Inc. Setting Up Camp against insider threats
29
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Setting Up Campagainst insider threats

Page 2: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

The Problem

Page 3: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

$9 Billion650%

Page 4: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

75% inside

outside 25%

Page 5: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

34%

Page 6: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Page 7: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

many points of failure.

Page 8: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Page 9: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

What should we do about it?

Page 10: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Deter

Detect &

Mitigate

Neutralize &

Exploit

Page 11: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Page 12: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Page 13: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Security gets a little easier

Page 14: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

That’s interesting, but it doesn’t

sound like a game-changer.

Page 15: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

When it gets really cool

Page 16: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Prediction

Page 17: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Info

rmati

on

Risk

Manageable, but daunting

Save a lot of money

I can live with it

Really scary and hard to stop

Page 18: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Security Silos = Detection Failure

Information

Failed authentications

Authentications / Sec

Authorizations / Min

Physical

Door Entries / Min

Location access patterns

Physical security violations / day

Personnel

Performance risk ratings

Background risk score

Credit Rating

Page 19: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Integrated Security = Prediction

Information

Failed authentications

Authentications / Sec

Authorizations / Min

Physical

Door Entries / Min

Location access patterns

Physical security violations / day

Personnel

Performance risk ratings

Background risk score

Credit Rating

Page 20: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Decision Analytics

Strategy

Technique

Technology

Execution

Page 21: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Strategy

Technique

Technology

Execution

Page 22: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Strategy

Technique

Technology

Execution

Page 23: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Strategy

Technique

Technology

Execution

Page 24: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Strategy

Technique

Technology

Execution

Page 25: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Page 26: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Homework

Page 27: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

1. Huddle2. Rank your threats

3. Collect Data

Page 28: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

Page 29: Insider Threats (RIMS 2012)

© Big Sky Associates, Inc.

To get the details and the notes with the slides, contact me here or email me at [email protected]


Related Documents
Monitoring Technologies for Mitigating Insider Threatsids.cs.columbia.edu/sites/default/files/insider-bookchapter.pdf · Monitoring Technologies for Mitigating Insider Threats ...

Monitoring Technologies for Mitigating Insider...

Category: Documents
Insider threats webinar 01.28.15

Insider threats webinar 01.28.15

Category: Technology
CORPORATE CYBER SECURITY INSIDER THREATS Dan Maloney.

CORPORATE CYBER SECURITY INSIDER THREATS Dan Maloney.

Category: Documents
Common Sense Guide to Mitigating Insider Threats, … Threat - CERT...REV-04.06.2018.0 Common Sense Guide to Mitigating Insider Threats, Sixth Edition CERT National Insider Threat

Common Sense Guide to Mitigating Insider Threats, … Threat...

Category: Documents
COUNTERING INSIDER THREATS – HANDLING INSIDER THREATS … · countering insider threats – handling insider threats using dynamic, run-time forensics 5c. program element number

COUNTERING INSIDER THREATS – HANDLING INSIDER THREATS...

Category: Documents
Protecting Information Insider Threats

Protecting Information Insider Threats

Category: Documents
Prevent Insider Threats with User Activity Monitoring

Prevent Insider Threats with User Activity Monitoring

Category: Technology
Unintentional Insider Threats: Social Engineering

Unintentional Insider Threats: Social Engineering

Category: Documents
Insider Threats: Insider The Danger Within Threats...defines insider threats as any “current or former employee, contractor, or other business partner who has or had access to an

Insider Threats: Insider The Danger Within Threats...defines...

Category: Documents
Insider Threats Survey

Insider Threats Survey

Category: Documents
Detecting Insider Threats with User Behavior Analytics

Detecting Insider Threats with User Behavior Analytics

Category: Technology
Analysis and Detection of Insider Threats

Analysis and Detection of Insider Threats

Category: Documents