About Insider Threats - PowerPoint PPT Presentation

About This Presentation
Title:

About Insider Threats

Description:

You might have heard of the threats that are built into machines, and the ones that are created by people to exploit loopholes in any given system. We're all aware of the malwares and viruses, the phishing sites, fake accounts, and everything digital threat that exists in this day and age. But let’s throw it back to the classics for a bit to tackle on the still existing grave threat, and probably the most dangerous of them all: insider threats. That's right; there isn't a code, a program, software or data cache that's more dangerous than a human mind. – PowerPoint PPT presentation

Number of Views:221

less

Transcript and Presenter's Notes

Title: About Insider Threats


1
About Insider Threats
  • You might have heard of the threats that are
    built into machines, and the ones that are
    created by people to exploit loopholes in any
    given system.
  • We're all aware of the malwares and viruses, the
    phishing sites, fake accounts, and everything
    digital threat that exists in this day and age.
  • But lets throw it back to the classics for a bit
    to tackle on the still existing grave threat, and
    probably the most dangerous of them all insider
    threats.
  • That's right there isn't a code, a program,
    software or data cache that's more dangerous than
    a human mind.

www.izoologic.com
2
About Insider Threats
Since the dawn of time, for every great creation
that works using a system (the calendar, a
government, the multiplication table), there have
been minds who have been able to see the limits
and deduce the effectiveness of each. Fast
forward to thousands of years of human
development, and this still holds true.
Cryptocurrency, the latest trend, has its own
digital demons to exorcise, but its greatest
adversary is still the human mind with evil
intent.
www.izoologic.com
3
Insider Threats
CA Technologies put up a report regarding insider
threats, or the classy, Ocean's Eleven way of
doing things, led by Holger Schulze, CEO and
Founder of Cybersecurity Insiders, a group
dedicated to the investigation of malicious
insiders, and negligent ones. Simply put,
insiders can either know or do not know that
they're being a threat to cybersecurity.
www.izoologic.com
4
Insider Threats
  • This is done, how, you ask?
  • Well, every villainous group has a mastermind.
    That's where it all begins.
  • An employee, executive, or a co-owner of any
    business can jeopardize the security of the
    company, and this mastermind is doing it
    willingly, most likely due to greater ambition.
  • Of course, taking over an empire is no easy task,
    and is not something you can do without allies.
  • So, the next tier of insiders comes to play the
    major players.
  • These are carefully planted moles in every
    department, equipped with the necessary skill,
    title and ambition to participate in such a risky
    activity.
  • Lastly, a scheme will never be complete without
    its most prominent performer the pawns.
  • These are the ones that are either in the loop
    but too incompetent for a bigger role, or the
    people who have no idea that they're
    participating in something of the sort.

www.izoologic.com
5
Insider Threats
CA ran a survey spanning 400,000 members of the
online community, with Cybersecurity Insiders,
in partnership with the Information Security
Community on LinkedIn to conduct an in-depth
study of cybersecurity professionals to gather
fresh insights, reveal the latest trends and
provide actionable guidance on addressing insider
threat. Below are the key takeaways on the
survey
www.izoologic.com
6
Insider Threats
  • 90 of organizations feel vulnerable to insider
    attacks.
  • The main enabling risk factors include too many
    users with excessive access privileges (37), an
    increasing number of devices with access to
    sensitive data (36), and the increasing
    complexity of information technology (35).
  • A majority of 53 confirmed insider attacks
    against their organization in the previous 12
    months (typically less than five attacks).
  • 27 of organizations say insider attacks have
    become more frequent. Organizations are shifting
    their focus on detection of insider threats
    (64), followed by deterrence methods (58) and
    analysis and post breach forensics (49).
  • The use of user behaviour monitoring is
    accelerating 94 of organizations deploy some
    method of monitoring users and 93 monitor access
    to sensitive data.

www.izoologic.com
7
Insider Threats
  • The most popular technologies to deter insider
    threats are
  • Data Loss Prevention (DLP), encryption, and
    identity and access management solutions.
  • To better detect active insider threats,
    companies deploy Intrusion Detection and
    Prevention (IDS), log management and SIEM
    platforms.
  • Lastly, the vast majority (86) of organizations
    already have or are building an insider threat
    program.
  • Thirty-six percept have a formal program in place
    to respond to insider attacks, while 50 are
    focused on developing their program.

www.izoologic.com
8
Insider Threats
  • The types of insiders that pose the biggest risk
    to organizations are somewhat expected, but with
    an asterisk.
  • For example, 56 of the mitigated risk of insider
    threat comes from regular employees, most likely
    out of neglect, or what we call the
    accidental/unintentional insider.
  • 55 of the mitigated risk comes from privileged
    IT users/admins, with access to more confidential
    data as their tier goes higher and is a mix of
    the unintentional and the malicious kind of
    insider.
  • Temporary workers, contractors and service
    providers generate 42 of the mitigated risk and
    is also a combination of unintentional and
    malicious.

www.izoologic.com
9
Insider Threats
  • The kind of data most vulnerable to insiders,
    with a percentage value on mitigated risk are
  • 57 on confidential business information
    (customer data, financial reports, employee data
  • 52 on privileged account information
    (credentials, passwords, security codes)
  • 49 on sensitive personal information (what you
    did last summer, personal identifiable
    information)
  • 32 on intellectual property (trade secrets,
    products in development, designs and blueprints)
  • 27 on operational or infrastructure data
    (network topology and infrastructure, methods of
    wresting control)

10
Insider Threats
  • Most of these data can be accessed on several
    platforms, but the most common sources that
    insiders can get these from are Databases, file
    servers, cloud applications, endpoints, business
    applications, the active directory, the physical
    network, and mobile devices.
  • Accidental insiders get involved primarily
    through phishing attempts, weak passwords,
    unlocked devices, password sharing and unsecured
    networking.
  • Among the organizations participating in the
    survey, 34 consider external attacks (hacking,
    defacing) as the most likely insider threat to
    happen to their organization, while 36 believe
    that they are more prone to a deliberate attack,
    and 30 would like to write it off towards
    accidental/unintentional breach of security.

11
Insider Threats
While this is somewhat a difficult way to breach
Cyber Security, its still the most effective
way, and the human mind is greater than any
machine, hence, this is a problem that's going to
exist for a while.
12
Contact Us
14 Hanover Street, W1S 1YH City of Westminster,
London UNITED KINGDOM
44 20 3734 2726
info_at_izoologic.com
www.izoologic.com
Write a Comment
User Comments (0)
About PowerShow.com