SlideShare a Scribd company logo

Managing Insider Risk

Download as PPTX, PDF
Phil Huggins FBCS CITP
Phil Huggins FBCS CITP

A presentation I gave to the July 2015 NED Forum on Managing Insider Risk using the Critical Pathway to Insider Risk. I've removed a product specific slide for public release.

Leadership & Management
1 of 14
Managing Insider Risk NED Forum July 2015
2 Proposed agenda I. Stroz Friedberg II. The Insider Challenge III. How to Respond
3 Stroz Friedberg
4 Stroz Friedberg offers it’s clients trusted advice on understanding, improving and maintaining the cyber security of their organisations Stroz Friedberg brings:  A distinctive blend of technology, legal and regulatory, investigative and advisory skills  An exceptional reputation for ethics and neutrality  Global reach capacity to handle multi-national projects  Unmatched experience in handling the most important, high profile situations  Credibility with regulators and boards Cyber Security Leadership Identification Protection Evolution SECURITY SCIENCE World class response to digital trouble – and advice on how to prepare for cyber attacks INCIDENT RESPONSE Detection Response Recovery Leading experts on cyber defence - pragmatic, evidence- driven, strategies and tactics that work
5 The Insider Challenge
6 Insider Risks Insider Risks Workplace Violence Espionage or IP Theft Sabotage Conspiracy Attrition & Bad Leavers Sexual Misconduct Substance Abuse Suicide & Mental Health
7 Scope of Concern Malicious External Accidental Internal Organisation BoundaryIntention
8 Path to Insider Risk Personal Predispositions Stressors Interpersonal Technical Security Financial Personnel Mental Health/Addiction Social Network Travel Personal Professional Financial Medical/Psychiatric Conditions Personality or Social Skills Issues Previous Rule Violations Social Network Risks Suspicious Travel Concerning Behaviors Maladaptive Organization Response Plans Recruitment Insider Attack Op Sec Action Economic Stress Military Conflict Political Conflict
9 Example insiders Chelsea Elizabeth Manning (born Bradley Edward Manning) is a trans woman and former US Army soldier convicted in July 2013 after releasing one of the largest set of classified documents ever leaked to the public PFC Manning Bruce Ivins Former senior biodefense researcher at the US Army Medical Research Institute of Infectious Diseases and the key suspect in the 2001 anthrax attacks Corporate IP Thief Corporate insider discovered stealing intellectual property during a client investigation Aldrich Ames Former Central Intelligence Agency analyst and counterintelligence officer. Convicted in 1994 after admitting espionage leading to the deaths of US sources and the compromise of many intelligence operations. Online Stalker Anonymous online blackmailer outed and identified as a former employee during a client investigation Hassan Abu-Jihaad Born Paul R. Hall, former US Navy officer convicted of supporting terrorism in 2001 after disclosing the location of Navy ships and their weaknesses to an online Al-Qaeda forum while serving as a signalman on board the USS Benfold Greg Smith In his March 2012 resignation letter, printed as an op-ed in The New York Times, the former head of Goldman Sachs US equity derivatives business in Europe, the Middle East and Africa attacked GS and its leadership
10 Risk and the Critical Pathway CRITICAL PATHWAY MANNING AMES IVINS CORPORATE IP THIEF Psychiatric disorders Gender identity Alcoholism Multiple psych issues including Dissociative Identity Disorder Signs of depression Personality/social skills issues Yes Yes Yes Signs of narcissistic personality disorder Previous violations Juvenile delinquency Juvenile delinquency College vandalism, theft Unknown Social Network Risks Hackers N/A Family history of crime Family connection interferes with work loyalty STRESSORS Personal, professional, financial Personal, professional, financial Personal, professional, financial Marital, family, supervisor conflict, bad review, conflict with HR Concerning Behaviors Multiple Multiple Multiple Tardiness, missed meetings, circumventing supervisors, resigns Maladaptive Organizational Response Multiple Multiple No comment HR inquiry escalates risk Observed Insider Activity Hacker & press contacts Travel, spending Lab violations Lies about resignation, downloads during “vacation”
11 Responding to Insider Risk
12 Controls and Mitigations Identify High-Risk Roles Pre-Employment Screening Non-Disclosure Agreements Clear Published Policies Leadership Behaviours Confidential Staff Personal Support Regular Awareness Training Prompt & Consistent HR Responses Data Classification Data Labelling Sensitive Project / Client Code Names Physical Security (Badge Access) Minimisation & Encryption of Data Stores Password Quality Standards Login Banners Folder-level Permissions Comprehensive Identity & Access Management Privileged User Access Management Regular audits of permissions and access rights Minimised VPN Access Data Leakage Prevention Tools On-Going Screening Exit Interviews Whistle Blower Support Accounting Procedures Security Cameras Extensive Logging Network Security Monitoring Behavioural Analytics Psycho-Linguistic Analytics Recruitment Continuous Controls Monitoring
13 Technical Behavioural Indicators New Job Searches Addictive Usage Unusual Pattern of Life AUP Breaches Impossible Journeys Failed Logons Failed Badge Access Large Volume Uploads History Deletion
strozfriedberg.com THANK YOU Phil Huggins, Vice President phuggins@strozfriedberg.co.uk +44 (0)207 061 2299

Recommended

Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksPhil Huggins FBCS CITP
 
Resilience is the new cyber security
Resilience is the new cyber securityResilience is the new cyber security
Resilience is the new cyber securityPhil Huggins FBCS CITP
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilienceAndrew Bycroft
 
Cybersecurity Solutions
Cybersecurity SolutionsCybersecurity Solutions
Cybersecurity SolutionsErin Planting
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond CyberPhil Huggins FBCS CITP
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtJohn D. Johnson
 
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...EC-Council
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezEC-Council
 

Recommended

Cyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksCyber Resilience: Managing Cyber Shocks
Cyber Resilience: Managing Cyber ShocksPhil Huggins FBCS CITP
 
Resilience is the new cyber security
Resilience is the new cyber securityResilience is the new cyber security
Resilience is the new cyber securityPhil Huggins FBCS CITP
 
Journey to cyber resilience
Journey to cyber resilienceJourney to cyber resilience
Journey to cyber resilienceAndrew Bycroft
 
Cybersecurity Solutions
Cybersecurity SolutionsCybersecurity Solutions
Cybersecurity SolutionsErin Planting
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond CyberPhil Huggins FBCS CITP
 
The Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtThe Journey to Cyber Resilience in a World of Fear, Uncertainty and Doubt
The Journey to Cyber Resilience in a World of Fear, Uncertainty and DoubtJohn D. Johnson
 
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...
Breach Fixation: How Breaches Distort Reality And How We Should Respond- John...EC-Council
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezThe Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
The Cloud 9 - Threat & Solutions 2016 by Bobby DominguezEC-Council
 
EVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEC-Council
 
Pitfalls of Cyber Data
Pitfalls of Cyber DataPitfalls of Cyber Data
Pitfalls of Cyber DataPhil Huggins FBCS CITP
 
Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?John D. Johnson
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber ResiliencePhil Huggins FBCS CITP
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber ThreatsPhil Huggins FBCS CITP
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...Dragos, Inc.
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
CEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackCEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackKevin Duffey
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crainsegughana
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)OCTF Industry Engagement
 
An Intro to Resolver's InfoSec Application (RiskVision)
An Intro to Resolver's InfoSec Application (RiskVision)An Intro to Resolver's InfoSec Application (RiskVision)
An Intro to Resolver's InfoSec Application (RiskVision)Resolver Inc.
 
Data Driven Risk Assessment
Data Driven Risk AssessmentData Driven Risk Assessment
Data Driven Risk AssessmentResolver Inc.
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentConSanFrancisco123
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Pro Mrkt
 
Be Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeBe Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeKevin Duffey
 
Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk ManagementEnergySec
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEOKevin Duffey
 
Zoonosis and food emerging risks
Zoonosis and food emerging risksZoonosis and food emerging risks
Zoonosis and food emerging risksainia centro tecnológico
 
First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]Phil Huggins FBCS CITP
 

More Related Content

What's hot

EVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEC-Council
 
Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?John D. Johnson
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Fidelis Cybersecurity
 
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...Dragos, Inc.
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitKevin Duffey
 
CEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackCEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackKevin Duffey
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crainsegughana
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinarIntergen
 
An Intro to Resolver's InfoSec Application (RiskVision)
An Intro to Resolver's InfoSec Application (RiskVision)An Intro to Resolver's InfoSec Application (RiskVision)
An Intro to Resolver's InfoSec Application (RiskVision)Resolver Inc.
 
Data Driven Risk Assessment
Data Driven Risk AssessmentData Driven Risk Assessment
Data Driven Risk AssessmentResolver Inc.
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentConSanFrancisco123
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Pro Mrkt
 
Be Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeBe Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeKevin Duffey
 
Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk ManagementEnergySec
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEOKevin Duffey
 

What's hot (20)

EVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor VolovichEVOLVE to demand. demand to evolve by Igor Volovich
EVOLVE to demand. demand to evolve by Igor Volovich
 
Pitfalls of Cyber Data
Pitfalls of Cyber DataPitfalls of Cyber Data
Pitfalls of Cyber Data
 
Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?Managing Enterprise Risk: Why U No Haz Metrics?
Managing Enterprise Risk: Why U No Haz Metrics?
 
Cyber Resilience
Cyber ResilienceCyber Resilience
Cyber Resilience
 
Countering Cyber Threats
Countering Cyber ThreatsCountering Cyber Threats
Countering Cyber Threats
 
Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology Part 1: Identifying Insider Threats with Fidelis EDR Technology
Part 1: Identifying Insider Threats with Fidelis EDR Technology
 
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...
 
Cyber Recovery - Legal Toolkit
Cyber Recovery - Legal ToolkitCyber Recovery - Legal Toolkit
Cyber Recovery - Legal Toolkit
 
CEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber AttackCEOs leading Recovery from Cyber Attack
CEOs leading Recovery from Cyber Attack
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crain
 
Your cyber security webinar
Your cyber security webinarYour cyber security webinar
Your cyber security webinar
 
CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)CRI-Exec-Cyber-Briefings (1)
CRI-Exec-Cyber-Briefings (1)
 
An Intro to Resolver's InfoSec Application (RiskVision)
An Intro to Resolver's InfoSec Application (RiskVision)An Intro to Resolver's InfoSec Application (RiskVision)
An Intro to Resolver's InfoSec Application (RiskVision)
 
Data Driven Risk Assessment
Data Driven Risk AssessmentData Driven Risk Assessment
Data Driven Risk Assessment
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 
Making Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software DevelopmentMaking Threat Modeling Useful To Software Development
Making Threat Modeling Useful To Software Development
 
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
Mark Lomas - Taking a Holistic Approach to Cyber Threat Prevention #midscyber...
 
Be Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crimeBe Angry - why CEOs should join the coalition against cyber crime
Be Angry - why CEOs should join the coalition against cyber crime
 
Evidence-Based Risk Management
Evidence-Based Risk ManagementEvidence-Based Risk Management
Evidence-Based Risk Management
 
Social Engineering the CEO
Social Engineering the CEOSocial Engineering the CEO
Social Engineering the CEO
 

Viewers also liked

First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]Phil Huggins FBCS CITP
 
First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]Phil Huggins FBCS CITP
 
First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]Phil Huggins FBCS CITP
 
PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...Phil Huggins FBCS CITP
 
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks Phil Huggins FBCS CITP
 
First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]Phil Huggins FBCS CITP
 
First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]Phil Huggins FBCS CITP
 
Penetration Testing; A customers perspective
Penetration Testing; A customers perspectivePenetration Testing; A customers perspective
Penetration Testing; A customers perspectivePhil Huggins FBCS CITP
 
PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems Phil Huggins FBCS CITP
 

Viewers also liked (19)

Zoonosis and food emerging risks
Zoonosis and food emerging risksZoonosis and food emerging risks
Zoonosis and food emerging risks
 
First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]
 
First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]First Responder Course - Session 10 - Static Evidence Collection [2004]
First Responder Course - Session 10 - Static Evidence Collection [2004]
 
Security Metrics [2008]
Security Metrics [2008]Security Metrics [2008]
Security Metrics [2008]
 
First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]First Responder Course - Session 9 - Volatile Evidence Collection [2004]
First Responder Course - Session 9 - Volatile Evidence Collection [2004]
 
PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...PIANOS: Protecting Information About Networks The Organisation and It's Syste...
PIANOS: Protecting Information About Networks The Organisation and It's Syste...
 
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
Security and Resilience Vulnerabilities in the UK’s Telecoms Networks
 
First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]First Responders Course - Session 8 - Digital Evidence Collection [2004]
First Responders Course - Session 8 - Digital Evidence Collection [2004]
 
Delivering Secure Projects
Delivering Secure ProjectsDelivering Secure Projects
Delivering Secure Projects
 
First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]First Responders Course- Session 1 - Digital and Other Evidence [2004]
First Responders Course- Session 1 - Digital and Other Evidence [2004]
 
Introduction to Hacktivism
Introduction to HacktivismIntroduction to Hacktivism
Introduction to Hacktivism
 
Measuring black boxes
Measuring black boxesMeasuring black boxes
Measuring black boxes
 
UK Legal Framework (2003)
UK Legal Framework (2003)UK Legal Framework (2003)
UK Legal Framework (2003)
 
Penetration Testing; A customers perspective
Penetration Testing; A customers perspectivePenetration Testing; A customers perspective
Penetration Testing; A customers perspective
 
PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems PIANOS: Protecting Information About Networks The Organisation and It's Systems
PIANOS: Protecting Information About Networks The Organisation and It's Systems
 
Network Reconnaissance Infographic
Network Reconnaissance InfographicNetwork Reconnaissance Infographic
Network Reconnaissance Infographic
 
Probability Calibration
Probability CalibrationProbability Calibration
Probability Calibration
 
Intelligence-led Cybersecurity
Intelligence-led Cybersecurity Intelligence-led Cybersecurity
Intelligence-led Cybersecurity
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 

Similar to Managing Insider Risk

Reputation Management In The Age Of Social Media Revised
Reputation Management In The Age Of Social Media RevisedReputation Management In The Age Of Social Media Revised
Reputation Management In The Age Of Social Media RevisedJames Kane
 
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...IntelCollab.com
 
Reputation: The Cornerstone of a Family Office
Reputation: The Cornerstone of a Family OfficeReputation: The Cornerstone of a Family Office
Reputation: The Cornerstone of a Family OfficeReputationDefender
 
Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxZakiAhmed70
 
Examples Of Critique Essays. Sample New Criticism essay 1
Examples Of Critique Essays. Sample New Criticism essay 1Examples Of Critique Essays. Sample New Criticism essay 1
Examples Of Critique Essays. Sample New Criticism essay 1Morgan Daniels
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptCakraWicaksono3
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptpixvilx
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...
'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...
'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...Brittany Ferdinands
 
THE CHANGING FACE OF IDENTITY THEFT
THE CHANGING FACE OF IDENTITY THEFTTHE CHANGING FACE OF IDENTITY THEFT
THE CHANGING FACE OF IDENTITY THEFT- Mark - Fullbright
 
Richard was just 11 years of age when he set his first fire. He clai.docx
Richard was just 11 years of age when he set his first fire. He clai.docxRichard was just 11 years of age when he set his first fire. He clai.docx
Richard was just 11 years of age when he set his first fire. He clai.docxmalbert5
 
How Should Risk Leaders of Future Work With AI.pdf
How Should Risk Leaders of Future Work With AI.pdfHow Should Risk Leaders of Future Work With AI.pdf
How Should Risk Leaders of Future Work With AI.pdfThe IRM India
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemShawn Tuma
 
Social Networking Threats
Social Networking ThreatsSocial Networking Threats
Social Networking Threatsejhilbert
 
Deconstructing the cost of a data breach
Deconstructing the cost of a data breachDeconstructing the cost of a data breach
Deconstructing the cost of a data breachPatrick Florer
 
CFO Essentials Workshop - Los Angeles
CFO Essentials Workshop - Los AngelesCFO Essentials Workshop - Los Angeles
CFO Essentials Workshop - Los AngelesRonit Koren
 
Hedna pii is your goldmine a landmine
Hedna pii is your goldmine a landmineHedna pii is your goldmine a landmine
Hedna pii is your goldmine a landmineEvelyne Oreskovich
 

Similar to Managing Insider Risk (20)

Reputation Management In The Age Of Social Media Revised
Reputation Management In The Age Of Social Media RevisedReputation Management In The Age Of Social Media Revised
Reputation Management In The Age Of Social Media Revised
 
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
 
Cyber Threat Landscape
Cyber Threat LandscapeCyber Threat Landscape
Cyber Threat Landscape
 
Reputation: The Cornerstone of a Family Office
Reputation: The Cornerstone of a Family OfficeReputation: The Cornerstone of a Family Office
Reputation: The Cornerstone of a Family Office
 
Ciso NYC
Ciso NYCCiso NYC
Ciso NYC
 
Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
 
Examples Of Critique Essays. Sample New Criticism essay 1
Examples Of Critique Essays. Sample New Criticism essay 1Examples Of Critique Essays. Sample New Criticism essay 1
Examples Of Critique Essays. Sample New Criticism essay 1
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...
'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...
'Unsustainably Sustainable' by Dr Carl Ungerer and Vanessa Liell at Mumbrella...
 
THE CHANGING FACE OF IDENTITY THEFT
THE CHANGING FACE OF IDENTITY THEFTTHE CHANGING FACE OF IDENTITY THEFT
THE CHANGING FACE OF IDENTITY THEFT
 
Richard was just 11 years of age when he set his first fire. He clai.docx
Richard was just 11 years of age when he set his first fire. He clai.docxRichard was just 11 years of age when he set his first fire. He clai.docx
Richard was just 11 years of age when he set his first fire. He clai.docx
 
How Should Risk Leaders of Future Work With AI.pdf
How Should Risk Leaders of Future Work With AI.pdfHow Should Risk Leaders of Future Work With AI.pdf
How Should Risk Leaders of Future Work With AI.pdf
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
Something is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid ThemSomething is Phishy: Cyber Scams and How to Avoid Them
Something is Phishy: Cyber Scams and How to Avoid Them
 
Social Networking Threats
Social Networking ThreatsSocial Networking Threats
Social Networking Threats
 
Deconstructing the cost of a data breach
Deconstructing the cost of a data breachDeconstructing the cost of a data breach
Deconstructing the cost of a data breach
 
CFO Essentials Workshop - Los Angeles
CFO Essentials Workshop - Los AngelesCFO Essentials Workshop - Los Angeles
CFO Essentials Workshop - Los Angeles
 
Hedna pii is your goldmine a landmine
Hedna pii is your goldmine a landmineHedna pii is your goldmine a landmine
Hedna pii is your goldmine a landmine
 

Recently uploaded

Simplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes ThinkingSimplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes ThinkingCIToolkit
 
Shaping Organizational Culture Beyond Wishful Thinking
Shaping Organizational Culture Beyond Wishful ThinkingShaping Organizational Culture Beyond Wishful Thinking
Shaping Organizational Culture Beyond Wishful ThinkingGiuseppe De Simone
 
Mind Mapping: A Visual Approach to Organize Ideas and Thoughts
Mind Mapping: A Visual Approach to Organize Ideas and ThoughtsMind Mapping: A Visual Approach to Organize Ideas and Thoughts
Mind Mapping: A Visual Approach to Organize Ideas and ThoughtsCIToolkit
 
Chapter 1 Performance Management HRM.ppt
Chapter 1 Performance Management HRM.pptChapter 1 Performance Management HRM.ppt
Chapter 1 Performance Management HRM.ppt2020102713
 
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why DiagramBeyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why DiagramCIToolkit
 
Measuring True Process Yield using Robust Yield Metrics
Measuring True Process Yield using Robust Yield MetricsMeasuring True Process Yield using Robust Yield Metrics
Measuring True Process Yield using Robust Yield MetricsCIToolkit
 
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...CIToolkit
 
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证jdkhjh
 
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024Giuseppe De Simone
 
Farmer Representative Organization in Lucknow | Rashtriya Kisan Manch
Farmer Representative Organization in Lucknow | Rashtriya Kisan ManchFarmer Representative Organization in Lucknow | Rashtriya Kisan Manch
Farmer Representative Organization in Lucknow | Rashtriya Kisan ManchRashtriya Kisan Manch
 
THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...
THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...
THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...PROF. PAUL ALLIEU KAMARA
 
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixUnlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixCIToolkit
 
From Red to Green: Enhancing Decision-Making with Traffic Light Assessment
From Red to Green: Enhancing Decision-Making with Traffic Light AssessmentFrom Red to Green: Enhancing Decision-Making with Traffic Light Assessment
From Red to Green: Enhancing Decision-Making with Traffic Light AssessmentCIToolkit
 
The Final Activity in Project Management
The Final Activity in Project ManagementThe Final Activity in Project Management
The Final Activity in Project ManagementCIToolkit
 
Digital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic Traits
Digital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic TraitsDigital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic Traits
Digital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic TraitsHannah Smith
 
Choosing the best strategy qspm matrix.pptx
Choosing the best strategy qspm matrix.pptxChoosing the best strategy qspm matrix.pptx
Choosing the best strategy qspm matrix.pptxMadan Karki
 
How-How Diagram: A Practical Approach to Problem Resolution
How-How Diagram: A Practical Approach to Problem ResolutionHow-How Diagram: A Practical Approach to Problem Resolution
How-How Diagram: A Practical Approach to Problem ResolutionCIToolkit
 
From Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
From Goals to Actions: Uncovering the Key Components of Improvement RoadmapsFrom Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
From Goals to Actions: Uncovering the Key Components of Improvement RoadmapsCIToolkit
 

Recently uploaded (18)

Simplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes ThinkingSimplifying Complexity: How the Four-Field Matrix Reshapes Thinking
Simplifying Complexity: How the Four-Field Matrix Reshapes Thinking
 
Shaping Organizational Culture Beyond Wishful Thinking
Shaping Organizational Culture Beyond Wishful ThinkingShaping Organizational Culture Beyond Wishful Thinking
Shaping Organizational Culture Beyond Wishful Thinking
 
Mind Mapping: A Visual Approach to Organize Ideas and Thoughts
Mind Mapping: A Visual Approach to Organize Ideas and ThoughtsMind Mapping: A Visual Approach to Organize Ideas and Thoughts
Mind Mapping: A Visual Approach to Organize Ideas and Thoughts
 
Chapter 1 Performance Management HRM.ppt
Chapter 1 Performance Management HRM.pptChapter 1 Performance Management HRM.ppt
Chapter 1 Performance Management HRM.ppt
 
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why DiagramBeyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
Beyond the Five Whys: Exploring the Hierarchical Causes with the Why-Why Diagram
 
Measuring True Process Yield using Robust Yield Metrics
Measuring True Process Yield using Robust Yield MetricsMeasuring True Process Yield using Robust Yield Metrics
Measuring True Process Yield using Robust Yield Metrics
 
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
Paired Comparison Analysis: A Practical Tool for Evaluating Options and Prior...
 
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
原版1:1复刻密西西比大学毕业证Mississippi毕业证留信学历认证
 
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
Effective learning in the Age of Hybrid Work - Agile Saturday Tallinn 2024
 
Farmer Representative Organization in Lucknow | Rashtriya Kisan Manch
Farmer Representative Organization in Lucknow | Rashtriya Kisan ManchFarmer Representative Organization in Lucknow | Rashtriya Kisan Manch
Farmer Representative Organization in Lucknow | Rashtriya Kisan Manch
 
THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...
THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...
THE LEADERSHIP TO CHANGE THE WOLRD THIS IS YOUR HOUR PURSUES YOUR GIFT, TALEN...
 
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency MatrixUnlocking Productivity and Personal Growth through the Importance-Urgency Matrix
Unlocking Productivity and Personal Growth through the Importance-Urgency Matrix
 
From Red to Green: Enhancing Decision-Making with Traffic Light Assessment
From Red to Green: Enhancing Decision-Making with Traffic Light AssessmentFrom Red to Green: Enhancing Decision-Making with Traffic Light Assessment
From Red to Green: Enhancing Decision-Making with Traffic Light Assessment
 
The Final Activity in Project Management
The Final Activity in Project ManagementThe Final Activity in Project Management
The Final Activity in Project Management
 
Digital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic Traits
Digital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic TraitsDigital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic Traits
Digital PR Summit - Leadership Lessons: Myths, Mistakes, & Toxic Traits
 
Choosing the best strategy qspm matrix.pptx
Choosing the best strategy qspm matrix.pptxChoosing the best strategy qspm matrix.pptx
Choosing the best strategy qspm matrix.pptx
 
How-How Diagram: A Practical Approach to Problem Resolution
How-How Diagram: A Practical Approach to Problem ResolutionHow-How Diagram: A Practical Approach to Problem Resolution
How-How Diagram: A Practical Approach to Problem Resolution
 
From Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
From Goals to Actions: Uncovering the Key Components of Improvement RoadmapsFrom Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
From Goals to Actions: Uncovering the Key Components of Improvement Roadmaps
 

Managing Insider Risk

  • 1. Managing Insider Risk NED Forum July 2015
  • 2. 2 Proposed agenda I. Stroz Friedberg II. The Insider Challenge III. How to Respond
  • 4. 4 Stroz Friedberg offers it’s clients trusted advice on understanding, improving and maintaining the cyber security of their organisations Stroz Friedberg brings:  A distinctive blend of technology, legal and regulatory, investigative and advisory skills  An exceptional reputation for ethics and neutrality  Global reach capacity to handle multi-national projects  Unmatched experience in handling the most important, high profile situations  Credibility with regulators and boards Cyber Security Leadership Identification Protection Evolution SECURITY SCIENCE World class response to digital trouble – and advice on how to prepare for cyber attacks INCIDENT RESPONSE Detection Response Recovery Leading experts on cyber defence - pragmatic, evidence- driven, strategies and tactics that work
  • 6. 6 Insider Risks Insider Risks Workplace Violence Espionage or IP Theft Sabotage Conspiracy Attrition & Bad Leavers Sexual Misconduct Substance Abuse Suicide & Mental Health
  • 7. 7 Scope of Concern Malicious External Accidental Internal Organisation BoundaryIntention
  • 8. 8 Path to Insider Risk Personal Predispositions Stressors Interpersonal Technical Security Financial Personnel Mental Health/Addiction Social Network Travel Personal Professional Financial Medical/Psychiatric Conditions Personality or Social Skills Issues Previous Rule Violations Social Network Risks Suspicious Travel Concerning Behaviors Maladaptive Organization Response Plans Recruitment Insider Attack Op Sec Action Economic Stress Military Conflict Political Conflict
  • 9. 9 Example insiders Chelsea Elizabeth Manning (born Bradley Edward Manning) is a trans woman and former US Army soldier convicted in July 2013 after releasing one of the largest set of classified documents ever leaked to the public PFC Manning Bruce Ivins Former senior biodefense researcher at the US Army Medical Research Institute of Infectious Diseases and the key suspect in the 2001 anthrax attacks Corporate IP Thief Corporate insider discovered stealing intellectual property during a client investigation Aldrich Ames Former Central Intelligence Agency analyst and counterintelligence officer. Convicted in 1994 after admitting espionage leading to the deaths of US sources and the compromise of many intelligence operations. Online Stalker Anonymous online blackmailer outed and identified as a former employee during a client investigation Hassan Abu-Jihaad Born Paul R. Hall, former US Navy officer convicted of supporting terrorism in 2001 after disclosing the location of Navy ships and their weaknesses to an online Al-Qaeda forum while serving as a signalman on board the USS Benfold Greg Smith In his March 2012 resignation letter, printed as an op-ed in The New York Times, the former head of Goldman Sachs US equity derivatives business in Europe, the Middle East and Africa attacked GS and its leadership
  • 10. 10 Risk and the Critical Pathway CRITICAL PATHWAY MANNING AMES IVINS CORPORATE IP THIEF Psychiatric disorders Gender identity Alcoholism Multiple psych issues including Dissociative Identity Disorder Signs of depression Personality/social skills issues Yes Yes Yes Signs of narcissistic personality disorder Previous violations Juvenile delinquency Juvenile delinquency College vandalism, theft Unknown Social Network Risks Hackers N/A Family history of crime Family connection interferes with work loyalty STRESSORS Personal, professional, financial Personal, professional, financial Personal, professional, financial Marital, family, supervisor conflict, bad review, conflict with HR Concerning Behaviors Multiple Multiple Multiple Tardiness, missed meetings, circumventing supervisors, resigns Maladaptive Organizational Response Multiple Multiple No comment HR inquiry escalates risk Observed Insider Activity Hacker & press contacts Travel, spending Lab violations Lies about resignation, downloads during “vacation”
  • 12. 12 Controls and Mitigations Identify High-Risk Roles Pre-Employment Screening Non-Disclosure Agreements Clear Published Policies Leadership Behaviours Confidential Staff Personal Support Regular Awareness Training Prompt & Consistent HR Responses Data Classification Data Labelling Sensitive Project / Client Code Names Physical Security (Badge Access) Minimisation & Encryption of Data Stores Password Quality Standards Login Banners Folder-level Permissions Comprehensive Identity & Access Management Privileged User Access Management Regular audits of permissions and access rights Minimised VPN Access Data Leakage Prevention Tools On-Going Screening Exit Interviews Whistle Blower Support Accounting Procedures Security Cameras Extensive Logging Network Security Monitoring Behavioural Analytics Psycho-Linguistic Analytics Recruitment Continuous Controls Monitoring
  • 13. 13 Technical Behavioural Indicators New Job Searches Addictive Usage Unusual Pattern of Life AUP Breaches Impossible Journeys Failed Logons Failed Badge Access Large Volume Uploads History Deletion
  • 14. strozfriedberg.com THANK YOU Phil Huggins, Vice President phuggins@strozfriedberg.co.uk +44 (0)207 061 2299