Malicious Insiders: A New Approach to Combatting Insider Threats
Recent media attention to high-profile cyberattacks would lead an organization to think external threats are its only concern. Unfortunately, this misconception allows another significant threat to your organization's critical assets to stay completely under the radar - the threat of malicious and non-malicious insiders.
Insider threat has been firmly established as a sustained source of information security headaches for many years now and is not going away in 2017. With so much of an organization's valuable information digitized today, it may be possible that an insider can steal your information; or expose it unintentionally without you knowing it.
Every attack that was witnessed in 2016 and early 2017 has invariably an insider angle to it. It can be difficult to detect and its adverse impact on the enterprise is growing. The key is to building an effective strategy to understand your organization's key vulnerabilities and risk exposures.
In this session you will learn:
- Some of the startling results of meticulous analysis of hundreds of real-life insider attacks from the CERT-In
- Some potential technical and behavioral insider threat risk indicators;
- The latest technologies and systematic approaches including using a log correlation engine of security information and event management (SIEM) system to log, monitor and audit employee actions
- Strategies and to help mitigate the risk and their effectiveness