Malicious Insiders
SSC
SSC Financial Institutions Law Firms Insurance Industry Law Enforcement Government Corporate Educational Real Estate Companies Industries We Serve
SSC Security Risk Consulting  Investigations Uniformed Security
Agenda
Insiders
Definitions
Definitions: What insiders can do
Carrie E. Pifer
Terry Childs Case Study
Dongfan “Greg” Chung
Insiders: What we see What We See What we do not see
Insiders: Motivation
Insiders: Motivations
Insiders: Motivations External Pressures Internal Psychology Malicious Act
External Pressures
Internal Psychology
Costs of Insider Threats
Mitigating the Insider Threat
Hiring Practices: Pre-employment Screening (PES). Benefits: having a program deters applicants with something to hide
PES: Who should be checked? EVERYONE! Anyone hired, transferred or promoted
PES: Vendors and Contractors
PES: Risk for the employer when taking on screening yourself
PES: Background Searches Available
PES: Background Searches Available
PES: Build an Applicant’s Profile
PES: Choosing the Right Searches
PES: Instant Records. BEWARE!
PES: Selecting a Screening Partner. What you need to look for:
Policies and Procedures
Separation of Duties
Legal, Management, Security and HR Coordination
Pre-Incident Indicators
Internal Complaint Procedures
Termination Procedures
Wrap Up
Questions
Contact Us
