insider threat summit - the future of insider threat detection
TRANSCRIPT
Insider Threat Managementby Gaby Friedlander
CTO & Founder
2007
2016
People Are Responsible for 90% of Security Incidents *
Business users
Contractors
IT users
* Verizon 2015 Data Breach Investigations Report
Bad Actors Negligent Users
There is No Patch for People
Insider Threat Stories
VS
Existing Security Solution Were Designed With Hacker in Mind and Not Trusted
People
Bad Actor
Negligent User
Insider Threat Attack Chain
Tipping Point - Going From Good to Bad
1
Searching for Data2
Capture and Hide the Data3
Data Exfiltration4
***
Monitor employee behavior across the enterprise.
Packaged analytics detects early indicators of Insider Threat.
Calculate and prioritize risky users to investigate.
Detect
Irrefutable Evidence
Insider Threat Requires a Proactive Approach
Behavior Shaping
Homes With Security Stickers and Signs are 80% Less Likely to be Targeted
Prevent Unauthorized Behavior
Suspicious Behaviors Are Often Observable Before Insiders Become a
Threat
Bad Actor
Negligent User
Detect Negligent Behavior1
Inform User of Security Policy2
Enforce Behavior Change3
Behavior Shaping - Educate
Notify Users of Out of Policy Behavior
Centrally Manage Security Policies
Notify users of out-of-policy behavior
Educate employees of acceptable behavior
Educate
ITMLifecycle
Proactive
Reactive
Insider Threat Management Core Components
DETERED
UCATE
DETECT
INVESTIGATE
Be Proactive - Get Rid of the Haystack