Loading…
Registration is NOW Open
Marriott Wardman Park
2660 Woodley Rd NW
Washington DC, District of Columbia 20008 USA
Phone: 1-202-328-2000 

Book Now 
*discount rates expire August 19, 2019
Thursday, September 12 • 11:30am - 12:15pm
Insider Threat Assessments: A methodology for improving insider threat deterrence and detection

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Giving organizations a proactive, situational procedure to validate their insider threat program reduces gaps in coverage, limits tool or service misconfigurations, helps prevent system and model oversights, and provides real world practice scenarios. Over the last decade, there has been an influx of tools, task forces, and end-to-end solutions created to supplement insider threat programs. "An effective insider threat program incorporates a number of technical controls to assist with preventing, detecting, and responding to concerning behaviors and activity" (Spooner et al, 2018). In that same white paper, the authors also indicate that organizations, at a minimum, should adopt tools from each of the following categories: user activity monitoring (UAM), data loss prevention (DLP), security information and event management (SIEM), analytics, and digital forensics. The breadth of functionality and wide array of available tools, pose a challenge to organizations looking to build or strengthen their insider threat program. Furthermore, the panacea for all insider threats does not exist and methods must be adopted that are specific to organizational assets. This presentation builds on a review of the existing insider threat tool landscape and introduces a methodology to validate configurations and coverage through a situational insider threat assessment. Insider threat kill chains, how to simulate relevant risks, and quantifying key asset identification will also be covered.



Speakers
avatar for Ben Stewart

Ben Stewart

Security Engineer, Security Innovation
Ben has grown his security skill-set through years of high profile, complex development projects, primarily in the Financial Services industry. Building and securing systems responsible for large, regulated money movements, enabling secure code review processes and pipelines, and... Read More →


Thursday September 12, 2019 11:30am - 12:15pm
Lincoln 3