Five Steps to Building an Effective Insider Threat Program
- LANGUAGE: English DATE: Thursday, December 13, 2018 TIME: 4:00pm CET, 10:00am EST, 7:00am PST
The greatest cybersecurity threat an organization faces is no longer the malicious outsider hacking from beyond network firewalls. It is the insiders - the contractors, third-party vendors, and even your own privileged employees who already have full access to your company's systems and sensitive data. Any of those can cause substantial damage to your business by leaking confidential information, disrupting access to a critical system or simply draining your bank account. The most privileged users in this regard are no longer the IT administrators, but the CEO or CFO, and the number of new attacks targeting them specifically is on the rise.
Recent studies show that the damage caused by a malicious insider can quickly grow to millions of dollars, and simple employee negligence can, in fact, be the costliest threat to your business. Addressing this type of threat requires a completely different approach to cybersecurity – after all, traditional security solutions like firewalls or antiviruses are not designed to stop legitimate users from doing their daily jobs with a malicious twist.
Join this KuppingerCole webinar to learn the top five steps for building and maintaining an effective insider threat program, with best practices and real-life examples that you can use. We are going to cover the following topics:
- The different types of potential malicious insiders and their motivations
- How to determine if your organization is doing enough to address the insider threats
- Five key elements to building an effective insider threat strategy
- Designing an insider threat management strategy as a combination of people, processes and technology – in that order!
In the first part of the webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will explain the growing significance of insider threats and provide an overview of different types of malicious insiders, their motivations and the damage they can cause. He will also outline the scope and requirements for a sensible insider threat management strategy.
In the second part, Simon Sharp, VP International at ObserveIT, will demonstrate how organizations need to move beyond IT and think of an insider threat management strategy as a combination of people, processes and technology. He will talk about the real-life cases and best practices for organizing these processes and present a technical overview of the technologies behind them.
ObserveIT empowers organizations to detect, investigate and stop insider threats. Purpose-built from the ground up, our uniquely agile threat management platform provides the intelligence that safeguards organizations’ most valuable assets.
With 300+ out-of-the-box insider threat indicators of compromise, rich metadata and outstanding search capability and playback of any policy violation, ObserveIT provides comprehensive visibility into what people – contractors, privileged users and high-risk users – are doing, and reduces investigation time from days to minutes. For more information visit: www.observeit.com.
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.