SlideShare una empresa de Scribd logo

Expert FSO Insider Threat Awareness

E
Eric Schiowitz

Expert FSO Insider Threat Awareness

Gobierno y org. sin ánimo de lucro
1 de 28
Descargar para leer sin conexión
INSIDER THREAT AWARENESS
INSIDER THREAT AWARENESS Would you? Really? Would you recognize a threat from the inside? What would you do? If you SAW something, would you SAY something?
INSIDER THREAT AWARENESS What Does an Insider Look Like? They look like you and me. They look like your friends and neighbors. They can be anyone and they can target anything. Sometimes they are unwitting and simply create vulnerabilities for others to exploit. In addition to classified information, proprietary information, trade secrets, intellectual property, and the security of personnel may be threatened.
INSIDER THREAT AWARENESS Money and Ego Malicious insiders go after anything they can use to inflict harm. They have many motivations: Some do it for money, while others do it for ego. Others do it for a cause or another country. Others do it simply because they can. There are many cases of insiders betraying the trust of their organizations and their country, including those listed here. .
INSIDER THREAT AWARENESS Cases of insiders betraying the trust of their organizations and their country The WikiLeaks case represents one of the major catalysts for an insider threat national policy. In May 2010, an Army Private was arrested for allegedly leaking classified material to the website WikiLeaks. The unauthorized disclosure represents the single largest loss of classified information in U.S. history and includes 250,000 diplomatic cables and 500,000 U.S. Army reports.
INSIDER THREAT AWARENESS Cases of insiders betraying the trust of their organizations and their country In November 2009, an Army Major killed 13 people and wounded 29 others at Fort Hood, Texas. The shooting represents the worst shooting to ever take place at an American military base. Six months prior to the shooting, Major Nadal Hasan had been investigated for expressing extremist views, but was determined not to be a threat as the incident was related to his professional research.
INSIDER THREAT AWARENESS Cases of insiders betraying the trust of their organizations and their country Greg Chung, an engineer for a cleared defense contractor, stole over 250,000 documents containing trade secrets about the space shuttle, the Delta IV rocket, and the C-17 military cargo jet. He traveled to China under the guise of giving lectures while secretly meeting with Chinese agents. In February 2010, he became the first person to be tried under the economic espionage provision of the Economic Espionage Act and was sentenced to over 15 years in prison.
INSIDER THREAT AWARENESS Recruitment While not all insiders are recruited, those who are often are recruited slowly over time. Recruitment almost always involves contacts with individuals or organizations from foreign countries. However, an already committed U.S. spy may attempt to recruit colleagues.
INSIDER THREAT AWARENESS Phases of Recruitment Classic recruitment by adversaries is a three phased process. First, intelligence officers spot and assess individuals for potential recruitment. Adversaries are not necessarily looking for someone with a high level of access – sometimes the potential for future access or the ability of the recruit to lead to other high value targets is enough to generate adversary interest. Spotting and Assessing can take place anywhere, but is always approached in a non-threatening and seemingly natural manner. Put yourself in the place of an intelligence officer. How would you recruit a computer scientist? Perhaps at a trade show or through a business contact or perhaps at a computer store or other social event. Even online venues – such as chat rooms and social media – are used for this process. During the Spot and Assessment phase, the Foreign Intelligence Service or (FIS) will often explore potential exploitable weaknesses which may be used as a lever against the recruit. These could include: Drugs or Alcohol, Gambling, Adultery, Financial Problems, or other weaknesses.
INSIDER THREAT AWARENESS Phases of Recruitment Once a potential recruit has been identified, adversaries begin to cultivate a relationship with that individual. In the “Development Phase”, meetings with the recruit will become more private – and less likely to be observable or reportable. By the time the “recruitment and handling phase” is initiated, the individual is likely emotionally tied to the adversary. The actual recruitment may involve appeals to ideological leanings, financial gain, blackmail or coercion, or any other of a number of motivators unique to that recruit. Some of these may manifest as observable and reportable behaviors.
INSIDER THREAT AWARENESS Recruitment Indicators • Unreported request for critical assets outside official channels • Unreported or frequent foreign travel • Suspicious foreign contacts • Contact with an individual who is known to be, or is suspected of being, associated with foreign intelligence, security, or terrorism • Unreported offer of financial assistance, gifts, or favors by a foreign national or stranger: Beware of those bearing gifts • Suspected recruitment by foreign or domestic competitive companies to convince employee to work for another company
INSIDER THREAT AWARENESS Information Collection Before someone can steal information, they must first collect the information. It can be intentionally stolen by a malicious insider or a person may have it already – and then inadvertently leak it. Insiders may physically remove files, they may steal or leak information electronically, or they may use elicitation as a technique to subtly extract information about you, your work, and your colleagues. When done well, elicitation can seem like simple small talk.
INSIDER THREAT AWARENESS There are a number of Collection Methodologies, but the most common foreign collection methods, used in over 80% of targeting cases, include: • Unsolicited and direct requests for information • Suspicious internet activity • Targeting at conferences, conventions, and trade shows • Insider threat • Solicitation • Employment • Foreign visits
INSIDER THREAT AWARENESS Information Collection Indicators • Unauthorized downloads or copying of files, especially for employees who have given notice of termination of employment • Keeping critical assets at home or any other unauthorized place • Acquiring access to automated information systems without authorization • Operating unauthorized cameras, recording devices, computers, or modems in areas where critical assets are stored, discussed, or processed • Asking you or anyone else to obtain critical assets to which the person does not have authorized access • Seeking to obtain access to critical assets inconsistent with present duty requirements
INSIDER THREAT AWARENESS Information Transmittal Insiders must have a way to transmit the information they are compromising. If you notice someone showing signs of transmitting information without authorization or outside of approved channels, you should pay attention. Behaviors you might observe include removing assets or information without authorization, extensive use of systems or equipment, and discussing information in unauthorized areas or by unauthorized means. If you notice someone failing to follow procedures for safeguarding, handling, and transmitting classified information, it may be a sign of an insider threat.
INSIDER THREAT AWARENESS Information Transmittal Indicators Insiders must have a way to transmit the information they are compromising. If you notice someone showing signs of transmitting information without authorization or outside of approved channels, you should pay attention. Behaviors you might observe include removing assets or information without authorization, extensive use of systems or equipment, and discussing information in unauthorized areas or by unauthorized means. • Removing critical assets from the work area without appropriate authorization • Extensive use of copy, facsimile, or computer equipment to reproduce or transmit critical asset-related information that may exceed job requirements • Discussing critical asset-related information in public or on a unsecure telephone • Actions/behaviors specific to classified information • Using an unauthorized fax or computer to transmit classified information • Attempting to conceal any work-related foreign travel and any personal foreign travel while having a Top Secret/Sensitive Compartmented Information clearance or being a contractor with a reporting requirement • Improperly removing the classification markings from documents
INSIDER THREAT AWARENESS General Suspicious Behavior Once an insider threat is revealed, coworkers often recall signs that something wasn’t right. An insider threat may exhibit a number of suspicious behaviors, including working outside of regular duty hours, repeatedly failing to follow processes and policies which result in security violations, or displaying a general lack of respect for the United States. Special attention should be paid to disgruntled employees. Disgruntlement is a major motivating factor in insider threat cases.
INSIDER THREAT AWARENESS General Suspicious Behavior (Cont…) Attempts to expand access: • Attempting to expand access to critical assets by repeatedly volunteering for assignments or duties beyond the normal scope of responsibilities • Performing repeated or unrequired work outside of normal duty hours, especially unaccompanied Questionable behavior: • Exhibiting behavior that results in repeated security violations • Engaging in illegal activity or asking you to engage in any illegal activity
INSIDER THREAT AWARENESS General Suspicious Behavior (Cont…) Changes in financial circumstances: • Displaying unexplained or undue affluence explained by inheritance, luck in gambling, or some successful business venture • Displaying sudden reversal of financial situation or sudden repayment of large debts Attempts to compromise individuals: • Attempting to entice personnel with access to critical assets into situations that could place them in a compromising position • Attempting to place personnel with access to critical assets under obligation through special treatment, favors, gifts, money, or other means
INSIDER THREAT AWARENESS General Suspicious Behavior (Cont…) Questionable national loyalty: • Displaying questionable loyalty to U.S. government or company • Making anti-U.S. comments Exhibits actions or behaviors associated with disgruntled employees: • Conflicts with supervisors and coworkers • Decline in work performance • Tardiness • Unexplained absenteeism
INSIDER THREAT AWARENESS Reporting Procedures If you suspect a possible insider threat, you must report it. You cannot assume someone else will do so. Every one of us is an owner of security - both the security of information and the security of personnel. We are all responsible for its safekeeping. A major hurdle that deters people from reporting is the idea that they are snitching on a colleague. Yet reporting is a way of ensuring your security, the security of your fellow colleagues, and the resources and capabilities of your organization. Insider threat reporting procedures vary depending on whether you are an employee of the DoD, a Federal Agency, or you work in cleared industry.
INSIDER THREAT AWARENESS Reporting Procedures for DOD DoD employees must report potential threats to their organization’s security office. Security officers will coordinate with counterintelligence elements, if required. If you suspect recruitment by a foreign entity, report it directly to your supporting counterintelligence element. If you suspect espionage, report to the FBI or counterintelligence officials.
INSIDER THREAT AWARENESS Reporting Procedures for Federal Agency Employees Federal agency employees should report to their agency’s security office. Specific procedures will vary by agency. Follow your agency-specific reporting procedures.
INSIDER THREAT AWARENESS Reporting Procedures for Cleared Industry Employees of cleared industry must report potential threats to the Facility Security Officer, or FSO. Depending on the situation, the FSO will then report the possible threat to the facility’s DSS Industrial Security Representative, DSS Counterintelligence Specialist, or, if it involves known or suspected espionage, to the FBI.
INSIDER THREAT AWARENESS Failure to Report Unfortunately, insider threats often go unreported until it is too late. In the majority of past cases, relevant information was available, yet went unreported. How different might things have been had someone said something? When you fail to report, you risk both your physical security and the information security of your organization. Insider threats weaken the U.S. military’s battlefield advantage and jeopardize war fighters. They increase our vulnerability to fraud, terrorist activity, and cyber- attacks. If you are a member of cleared industry, an insider may cost your company its business and you your job.
INSIDER THREAT AWARENESS Failure to Report (Cont…) Failing to report also fails the employee who needs help. When you don’t report, you lose the opportunity to help your coworker resolve problems before committing espionage or hurting others. For cleared DoD employees subject to Uniform Code of Military Justice, failing to report a potential insider threat may result in punitive actions. For cleared Federal agency and DoD civilian employees, failing to report may result in disciplinary action up to and including termination and criminal and civil sanctions. For cleared defense contractors, failing to report may result in loss of employment and security clearance. Individuals may also be subject to criminal charges. You cannot underestimate the role you play in protecting against insider threats. You are the first line of defense.
INSIDER THREAT AWARENESS Conclusion You have just learned how insider threats affect the DoD, Federal agencies, cleared industry, and people like you. You need to be aware of these threats. You need to consider your facility, its technology and programs, and the information you know. How might you be targeted? If you suspect a potential insider threat, you must report it
INSIDER THREAT AWARENESS Compliments of: Eric Schiowitz, Vice President – 781-373-8464, 508-561-4776, eric@expertfso.com

Recomendados

Insider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoInsider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoMatt Frowert
 
Information security
Information security Information security
Information securityJin Castor
 
Cyber Risks
Cyber RisksCyber Risks
Cyber RisksRickWaldman
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Insider threat
Insider threatInsider threat
Insider threatARCON TECHSOLUTIONS
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Red team Engagement
Red team EngagementRed team Engagement
Red team EngagementIndranil Banerjee
 

Recomendados

Insider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoInsider Threats Webinar Final_Tyco
Insider Threats Webinar Final_TycoMatt Frowert
 
Information security
Information security Information security
Information securityJin Castor
 
Cyber Risks
Cyber RisksCyber Risks
Cyber RisksRickWaldman
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Insider threat
Insider threatInsider threat
Insider threatARCON TECHSOLUTIONS
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by FortinetAtlantic Training, LLC.
 
Red team Engagement
Red team EngagementRed team Engagement
Red team EngagementIndranil Banerjee
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
Physical security
Physical securityPhysical security
Physical securityTariq Mahmood
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Counterintelligence
CounterintelligenceCounterintelligence
Counterintelligencekelsports
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information SecurityKen Holmes
 
Red Team Framework
Red Team FrameworkRed Team Framework
Red Team Framework👀 Joe Gray
 
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Security Operations, MITRE ATT&CK, SOC Roles / Competencies Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Security Operations, MITRE ATT&CK, SOC Roles / Competencies Harry McLaren
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITREMITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITREMITRE - ATT&CKcon
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3Lancope, Inc.
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat IntelligenceNTT Innovation Institute Inc.
 
OSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceOSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceDeep Shankar Yadav
 
Red teaming probably isn't for you
Red teaming probably isn't for youRed teaming probably isn't for you
Red teaming probably isn't for youToby Kohlenberg
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsIain Dickson
 
402 chapter 7 counterintelligence
402 chapter 7 counterintelligence402 chapter 7 counterintelligence
402 chapter 7 counterintelligenceDoing What I Do
 
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...MITRE - ATT&CKcon
 
Network Architecture Review Checklist
Network Architecture Review ChecklistNetwork Architecture Review Checklist
Network Architecture Review ChecklistEberly Wilson
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 
Insider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of CompromiseInsider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of CompromiseTripwire
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 

Más contenido relacionado

La actualidad más candente

How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness ProgramBill Gardner
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligencemohamed nasri
 
Counterintelligence
CounterintelligenceCounterintelligence
Counterintelligencekelsports
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesAlex Rudie
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information SecurityKen Holmes
 
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Security Operations, MITRE ATT&CK, SOC Roles / Competencies Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Security Operations, MITRE ATT&CK, SOC Roles / Competencies Harry McLaren
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITREMITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITREMITRE - ATT&CKcon
 
OSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceOSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceDeep Shankar Yadav
 
Red teaming probably isn't for you
Red teaming probably isn't for youRed teaming probably isn't for you
Red teaming probably isn't for youToby Kohlenberg
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsIain Dickson
 
402 chapter 7 counterintelligence
402 chapter 7 counterintelligence402 chapter 7 counterintelligence
402 chapter 7 counterintelligenceDoing What I Do
 
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...MITRE - ATT&CKcon
 
Network Architecture Review Checklist
Network Architecture Review ChecklistNetwork Architecture Review Checklist
Network Architecture Review ChecklistEberly Wilson
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 

La actualidad más candente (20)

How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
 
Physical security
Physical securityPhysical security
Physical security
 
Building An Information Security Awareness Program
Building An Information Security Awareness ProgramBuilding An Information Security Awareness Program
Building An Information Security Awareness Program
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Counterintelligence
CounterintelligenceCounterintelligence
Counterintelligence
 
Cybersecurity Risks for Businesses
Cybersecurity Risks for BusinessesCybersecurity Risks for Businesses
Cybersecurity Risks for Businesses
 
Awareness Training on Information Security
Awareness Training on Information SecurityAwareness Training on Information Security
Awareness Training on Information Security
 
Red Team Framework
Red Team FrameworkRed Team Framework
Red Team Framework
 
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Security Operations, MITRE ATT&CK, SOC Roles / Competencies Security Operations, MITRE ATT&CK, SOC Roles / Competencies
Security Operations, MITRE ATT&CK, SOC Roles / Competencies
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITREMITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
MITRE ATT&CKcon 2.0: State of the ATT&CK; Blake Strom, MITRE
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
 
OSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligenceOSINT- Leveraging data into intelligence
OSINT- Leveraging data into intelligence
 
Red teaming probably isn't for you
Red teaming probably isn't for youRed teaming probably isn't for you
Red teaming probably isn't for you
 
Cyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feedsCyber Threat Intelligence - It's not just about the feeds
Cyber Threat Intelligence - It's not just about the feeds
 
402 chapter 7 counterintelligence
402 chapter 7 counterintelligence402 chapter 7 counterintelligence
402 chapter 7 counterintelligence
 
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
Measure What Matters: How to Use MITRE ATTACK to do the Right Things in the R...
 
Network Architecture Review Checklist
Network Architecture Review ChecklistNetwork Architecture Review Checklist
Network Architecture Review Checklist
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
 

Destacado

Insider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of CompromiseInsider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of CompromiseTripwire
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCybera Inc.
 
Insider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and ProtectionInsider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and ProtectionObserveIT
 
Proactive Measures to Mitigate Insider Threat
Proactive Measures to Mitigate Insider ThreatProactive Measures to Mitigate Insider Threat
Proactive Measures to Mitigate Insider ThreatPriyanka Aash
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak PreventionTanvir Hashmi
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityObserveIT
 
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaInsider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaRaffael Marty
 
Gov & Education Day 2015 - User Behavior Analytics
Gov & Education Day 2015 - User Behavior AnalyticsGov & Education Day 2015 - User Behavior Analytics
Gov & Education Day 2015 - User Behavior AnalyticsSplunk
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatImperva
 
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...ObserveIT
 
Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Defence and Security Accelerator
 
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Phil Legg
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsSplunk
 
Dealing with the insider threat.
Dealing with the insider threat.Dealing with the insider threat.
Dealing with the insider threat.Matt Lemon
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutLancope, Inc.
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 

Destacado (20)

Insider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of CompromiseInsider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of Compromise
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
 
Insider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and ProtectionInsider Threat Law: Balancing Privacy and Protection
Insider Threat Law: Balancing Privacy and Protection
 
Proactive Measures to Mitigate Insider Threat
Proactive Measures to Mitigate Insider ThreatProactive Measures to Mitigate Insider Threat
Proactive Measures to Mitigate Insider Threat
 
Comprehensive Data Leak Prevention
Comprehensive Data Leak PreventionComprehensive Data Leak Prevention
Comprehensive Data Leak Prevention
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider Threat
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
 
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaInsider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
 
Insider Threat Experiences
Insider Threat ExperiencesInsider Threat Experiences
Insider Threat Experiences
 
Gov & Education Day 2015 - User Behavior Analytics
Gov & Education Day 2015 - User Behavior AnalyticsGov & Education Day 2015 - User Behavior Analytics
Gov & Education Day 2015 - User Behavior Analytics
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider Threat
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
 
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
 
Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013
 
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior Analytics
 
Dealing with the insider threat.
Dealing with the insider threat.Dealing with the insider threat.
Dealing with the insider threat.
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 

Similar a Expert FSO Insider Threat Awareness

Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxZakiAhmed70
 
The Insider Threat January.pptx
The Insider Threat January.pptxThe Insider Threat January.pptx
The Insider Threat January.pptxBertrandRussell6
 
H -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroringH -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroringGAURAV. H .TANDON
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?JamRivera1
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptCakraWicaksono3
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptpixvilx
 
SYNERGY INITIAL SECURITY BRF 2023 (1).ppt
SYNERGY INITIAL SECURITY BRF 2023 (1).pptSYNERGY INITIAL SECURITY BRF 2023 (1).ppt
SYNERGY INITIAL SECURITY BRF 2023 (1).pptNickellReddy
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldRownel Cerezo Gagani
 
computer law.pptx
computer law.pptxcomputer law.pptx
computer law.pptxMouradAKenk
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageMarin Ivezic
 
Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0Jason Smith
 
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...IntelCollab.com
 
Personal Security for High Profile and High Wealth Individuals
Personal Security for High Profile and High Wealth IndividualsPersonal Security for High Profile and High Wealth Individuals
Personal Security for High Profile and High Wealth IndividualsJuval Aviv
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Lawley Insurance
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measuresManish Singh
 
social engineering
social engineering social engineering
social engineeringRavi Patel
 
powerpointpresentThreat Actor Groups.pptx
powerpointpresentThreat Actor Groups.pptxpowerpointpresentThreat Actor Groups.pptx
powerpointpresentThreat Actor Groups.pptxdeveraralph2
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesArnav Chowdhury
 

Similar a Expert FSO Insider Threat Awareness (20)

Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
 
The Insider Threat January.pptx
The Insider Threat January.pptxThe Insider Threat January.pptx
The Insider Threat January.pptx
 
H -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroringH -Tech frauds of identity theft, Identity cloning and address mirroring
H -Tech frauds of identity theft, Identity cloning and address mirroring
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
SYNERGY INITIAL SECURITY BRF 2023 (1).ppt
SYNERGY INITIAL SECURITY BRF 2023 (1).pptSYNERGY INITIAL SECURITY BRF 2023 (1).ppt
SYNERGY INITIAL SECURITY BRF 2023 (1).ppt
 
Foreign travel-brief-template
Foreign travel-brief-templateForeign travel-brief-template
Foreign travel-brief-template
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorld
 
computer law.pptx
computer law.pptxcomputer law.pptx
computer law.pptx
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
 
Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0Jason Anthony Smith - thesis short summary v1.0
Jason Anthony Smith - thesis short summary v1.0
 
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
Securing Your Perimeter: Preventing Loss, Theft and Misappropriation of Your ...
 
Personal Security for High Profile and High Wealth Individuals
Personal Security for High Profile and High Wealth IndividualsPersonal Security for High Profile and High Wealth Individuals
Personal Security for High Profile and High Wealth Individuals
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measures
 
social engineering
social engineering social engineering
social engineering
 
powerpointpresentThreat Actor Groups.pptx
powerpointpresentThreat Actor Groups.pptxpowerpointpresentThreat Actor Groups.pptx
powerpointpresentThreat Actor Groups.pptx
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking Techniques
 
whistle blowing.
whistle blowing.whistle blowing.
whistle blowing.
 

Último

Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...
Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...
Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...adilkhan87451
 
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...
celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...
celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...Call Girls in Nagpur High Profile
 
A Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental CrisisA Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental CrisisChristina Parmionova
 
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakurbest call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha ThakurSUHANI PANDEY
 
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...nservice241
 
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
1935 CONSTITUTION REPORT IN RIPH FINALLS
1935 CONSTITUTION REPORT IN RIPH FINALLS1935 CONSTITUTION REPORT IN RIPH FINALLS
1935 CONSTITUTION REPORT IN RIPH FINALLSarandianics
 
Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)NAP Global Network
 
VIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'IsraëlAntisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'IsraëlEdouardHusson
 
VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...SUHANI PANDEY
 
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...SUHANI PANDEY
 
Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...
Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...
Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...nehasharma67844
 
Coastal Protection Measures in Hulhumale'
Coastal Protection Measures in Hulhumale'Coastal Protection Measures in Hulhumale'
Coastal Protection Measures in Hulhumale'NAP Global Network
 
Finance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCFinance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCNAP Global Network
 
VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...SUHANI PANDEY
 
celebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hourcelebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hourCall Girls in Nagpur High Profile
 

Último (20)

Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Nanded City Call Me 7737669865 Budget Friendly No Advance Booking
 
Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...
Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...
Call Girls in Sarita Vihar Delhi Just Call 👉👉9873777170 Independent Female ...
 
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...
celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...
celebrity 💋 Nagpur Escorts Just Dail 8250092165 service available anytime 24 ...
 
A Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental CrisisA Press for the Planet: Journalism in the face of the Environmental Crisis
A Press for the Planet: Journalism in the face of the Environmental Crisis
 
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakurbest call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
 
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
 
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chakan Call Me 7737669865 Budget Friendly No Advance Booking
 
call girls in Raghubir Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service ...
call girls in Raghubir Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service ...call girls in Raghubir Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service ...
call girls in Raghubir Nagar (DELHI) 🔝 >༒9953056974 🔝 genuine Escort Service ...
 
1935 CONSTITUTION REPORT IN RIPH FINALLS
1935 CONSTITUTION REPORT IN RIPH FINALLS1935 CONSTITUTION REPORT IN RIPH FINALLS
1935 CONSTITUTION REPORT IN RIPH FINALLS
 
Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)
 
VIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Bhavnagar 7001035870 Whatsapp Number, 24/07 Booking
 
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'IsraëlAntisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
 
VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Baramati ( Pune ) Call ON 8005736733 Starting From 5K to...
 
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
 
Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...
Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...
Call Girls In datia Escorts ☎️7427069034 🔝 💃 Enjoy 24/7 Escort Service Enjoy...
 
Coastal Protection Measures in Hulhumale'
Coastal Protection Measures in Hulhumale'Coastal Protection Measures in Hulhumale'
Coastal Protection Measures in Hulhumale'
 
Finance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCCFinance strategies for adaptation. Presentation for CANCC
Finance strategies for adaptation. Presentation for CANCC
 
VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...
VIP Model Call Girls Lohegaon ( Pune ) Call ON 8005736733 Starting From 5K to...
 
celebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hourcelebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hour
celebrity 💋 Patna Escorts Just Dail 8250092165 service available anytime 24 hour
 

Expert FSO Insider Threat Awareness

  • 2. INSIDER THREAT AWARENESS Would you? Really? Would you recognize a threat from the inside? What would you do? If you SAW something, would you SAY something?
  • 3. INSIDER THREAT AWARENESS What Does an Insider Look Like? They look like you and me. They look like your friends and neighbors. They can be anyone and they can target anything. Sometimes they are unwitting and simply create vulnerabilities for others to exploit. In addition to classified information, proprietary information, trade secrets, intellectual property, and the security of personnel may be threatened.
  • 4. INSIDER THREAT AWARENESS Money and Ego Malicious insiders go after anything they can use to inflict harm. They have many motivations: Some do it for money, while others do it for ego. Others do it for a cause or another country. Others do it simply because they can. There are many cases of insiders betraying the trust of their organizations and their country, including those listed here. .
  • 5. INSIDER THREAT AWARENESS Cases of insiders betraying the trust of their organizations and their country The WikiLeaks case represents one of the major catalysts for an insider threat national policy. In May 2010, an Army Private was arrested for allegedly leaking classified material to the website WikiLeaks. The unauthorized disclosure represents the single largest loss of classified information in U.S. history and includes 250,000 diplomatic cables and 500,000 U.S. Army reports.
  • 6. INSIDER THREAT AWARENESS Cases of insiders betraying the trust of their organizations and their country In November 2009, an Army Major killed 13 people and wounded 29 others at Fort Hood, Texas. The shooting represents the worst shooting to ever take place at an American military base. Six months prior to the shooting, Major Nadal Hasan had been investigated for expressing extremist views, but was determined not to be a threat as the incident was related to his professional research.
  • 7. INSIDER THREAT AWARENESS Cases of insiders betraying the trust of their organizations and their country Greg Chung, an engineer for a cleared defense contractor, stole over 250,000 documents containing trade secrets about the space shuttle, the Delta IV rocket, and the C-17 military cargo jet. He traveled to China under the guise of giving lectures while secretly meeting with Chinese agents. In February 2010, he became the first person to be tried under the economic espionage provision of the Economic Espionage Act and was sentenced to over 15 years in prison.
  • 8. INSIDER THREAT AWARENESS Recruitment While not all insiders are recruited, those who are often are recruited slowly over time. Recruitment almost always involves contacts with individuals or organizations from foreign countries. However, an already committed U.S. spy may attempt to recruit colleagues.
  • 9. INSIDER THREAT AWARENESS Phases of Recruitment Classic recruitment by adversaries is a three phased process. First, intelligence officers spot and assess individuals for potential recruitment. Adversaries are not necessarily looking for someone with a high level of access – sometimes the potential for future access or the ability of the recruit to lead to other high value targets is enough to generate adversary interest. Spotting and Assessing can take place anywhere, but is always approached in a non-threatening and seemingly natural manner. Put yourself in the place of an intelligence officer. How would you recruit a computer scientist? Perhaps at a trade show or through a business contact or perhaps at a computer store or other social event. Even online venues – such as chat rooms and social media – are used for this process. During the Spot and Assessment phase, the Foreign Intelligence Service or (FIS) will often explore potential exploitable weaknesses which may be used as a lever against the recruit. These could include: Drugs or Alcohol, Gambling, Adultery, Financial Problems, or other weaknesses.
  • 10. INSIDER THREAT AWARENESS Phases of Recruitment Once a potential recruit has been identified, adversaries begin to cultivate a relationship with that individual. In the “Development Phase”, meetings with the recruit will become more private – and less likely to be observable or reportable. By the time the “recruitment and handling phase” is initiated, the individual is likely emotionally tied to the adversary. The actual recruitment may involve appeals to ideological leanings, financial gain, blackmail or coercion, or any other of a number of motivators unique to that recruit. Some of these may manifest as observable and reportable behaviors.
  • 11. INSIDER THREAT AWARENESS Recruitment Indicators • Unreported request for critical assets outside official channels • Unreported or frequent foreign travel • Suspicious foreign contacts • Contact with an individual who is known to be, or is suspected of being, associated with foreign intelligence, security, or terrorism • Unreported offer of financial assistance, gifts, or favors by a foreign national or stranger: Beware of those bearing gifts • Suspected recruitment by foreign or domestic competitive companies to convince employee to work for another company
  • 12. INSIDER THREAT AWARENESS Information Collection Before someone can steal information, they must first collect the information. It can be intentionally stolen by a malicious insider or a person may have it already – and then inadvertently leak it. Insiders may physically remove files, they may steal or leak information electronically, or they may use elicitation as a technique to subtly extract information about you, your work, and your colleagues. When done well, elicitation can seem like simple small talk.
  • 13. INSIDER THREAT AWARENESS There are a number of Collection Methodologies, but the most common foreign collection methods, used in over 80% of targeting cases, include: • Unsolicited and direct requests for information • Suspicious internet activity • Targeting at conferences, conventions, and trade shows • Insider threat • Solicitation • Employment • Foreign visits
  • 14. INSIDER THREAT AWARENESS Information Collection Indicators • Unauthorized downloads or copying of files, especially for employees who have given notice of termination of employment • Keeping critical assets at home or any other unauthorized place • Acquiring access to automated information systems without authorization • Operating unauthorized cameras, recording devices, computers, or modems in areas where critical assets are stored, discussed, or processed • Asking you or anyone else to obtain critical assets to which the person does not have authorized access • Seeking to obtain access to critical assets inconsistent with present duty requirements
  • 15. INSIDER THREAT AWARENESS Information Transmittal Insiders must have a way to transmit the information they are compromising. If you notice someone showing signs of transmitting information without authorization or outside of approved channels, you should pay attention. Behaviors you might observe include removing assets or information without authorization, extensive use of systems or equipment, and discussing information in unauthorized areas or by unauthorized means. If you notice someone failing to follow procedures for safeguarding, handling, and transmitting classified information, it may be a sign of an insider threat.
  • 16. INSIDER THREAT AWARENESS Information Transmittal Indicators Insiders must have a way to transmit the information they are compromising. If you notice someone showing signs of transmitting information without authorization or outside of approved channels, you should pay attention. Behaviors you might observe include removing assets or information without authorization, extensive use of systems or equipment, and discussing information in unauthorized areas or by unauthorized means. • Removing critical assets from the work area without appropriate authorization • Extensive use of copy, facsimile, or computer equipment to reproduce or transmit critical asset-related information that may exceed job requirements • Discussing critical asset-related information in public or on a unsecure telephone • Actions/behaviors specific to classified information • Using an unauthorized fax or computer to transmit classified information • Attempting to conceal any work-related foreign travel and any personal foreign travel while having a Top Secret/Sensitive Compartmented Information clearance or being a contractor with a reporting requirement • Improperly removing the classification markings from documents
  • 17. INSIDER THREAT AWARENESS General Suspicious Behavior Once an insider threat is revealed, coworkers often recall signs that something wasn’t right. An insider threat may exhibit a number of suspicious behaviors, including working outside of regular duty hours, repeatedly failing to follow processes and policies which result in security violations, or displaying a general lack of respect for the United States. Special attention should be paid to disgruntled employees. Disgruntlement is a major motivating factor in insider threat cases.
  • 18. INSIDER THREAT AWARENESS General Suspicious Behavior (Cont…) Attempts to expand access: • Attempting to expand access to critical assets by repeatedly volunteering for assignments or duties beyond the normal scope of responsibilities • Performing repeated or unrequired work outside of normal duty hours, especially unaccompanied Questionable behavior: • Exhibiting behavior that results in repeated security violations • Engaging in illegal activity or asking you to engage in any illegal activity
  • 19. INSIDER THREAT AWARENESS General Suspicious Behavior (Cont…) Changes in financial circumstances: • Displaying unexplained or undue affluence explained by inheritance, luck in gambling, or some successful business venture • Displaying sudden reversal of financial situation or sudden repayment of large debts Attempts to compromise individuals: • Attempting to entice personnel with access to critical assets into situations that could place them in a compromising position • Attempting to place personnel with access to critical assets under obligation through special treatment, favors, gifts, money, or other means
  • 20. INSIDER THREAT AWARENESS General Suspicious Behavior (Cont…) Questionable national loyalty: • Displaying questionable loyalty to U.S. government or company • Making anti-U.S. comments Exhibits actions or behaviors associated with disgruntled employees: • Conflicts with supervisors and coworkers • Decline in work performance • Tardiness • Unexplained absenteeism
  • 21. INSIDER THREAT AWARENESS Reporting Procedures If you suspect a possible insider threat, you must report it. You cannot assume someone else will do so. Every one of us is an owner of security - both the security of information and the security of personnel. We are all responsible for its safekeeping. A major hurdle that deters people from reporting is the idea that they are snitching on a colleague. Yet reporting is a way of ensuring your security, the security of your fellow colleagues, and the resources and capabilities of your organization. Insider threat reporting procedures vary depending on whether you are an employee of the DoD, a Federal Agency, or you work in cleared industry.
  • 22. INSIDER THREAT AWARENESS Reporting Procedures for DOD DoD employees must report potential threats to their organization’s security office. Security officers will coordinate with counterintelligence elements, if required. If you suspect recruitment by a foreign entity, report it directly to your supporting counterintelligence element. If you suspect espionage, report to the FBI or counterintelligence officials.
  • 23. INSIDER THREAT AWARENESS Reporting Procedures for Federal Agency Employees Federal agency employees should report to their agency’s security office. Specific procedures will vary by agency. Follow your agency-specific reporting procedures.
  • 24. INSIDER THREAT AWARENESS Reporting Procedures for Cleared Industry Employees of cleared industry must report potential threats to the Facility Security Officer, or FSO. Depending on the situation, the FSO will then report the possible threat to the facility’s DSS Industrial Security Representative, DSS Counterintelligence Specialist, or, if it involves known or suspected espionage, to the FBI.
  • 25. INSIDER THREAT AWARENESS Failure to Report Unfortunately, insider threats often go unreported until it is too late. In the majority of past cases, relevant information was available, yet went unreported. How different might things have been had someone said something? When you fail to report, you risk both your physical security and the information security of your organization. Insider threats weaken the U.S. military’s battlefield advantage and jeopardize war fighters. They increase our vulnerability to fraud, terrorist activity, and cyber- attacks. If you are a member of cleared industry, an insider may cost your company its business and you your job.
  • 26. INSIDER THREAT AWARENESS Failure to Report (Cont…) Failing to report also fails the employee who needs help. When you don’t report, you lose the opportunity to help your coworker resolve problems before committing espionage or hurting others. For cleared DoD employees subject to Uniform Code of Military Justice, failing to report a potential insider threat may result in punitive actions. For cleared Federal agency and DoD civilian employees, failing to report may result in disciplinary action up to and including termination and criminal and civil sanctions. For cleared defense contractors, failing to report may result in loss of employment and security clearance. Individuals may also be subject to criminal charges. You cannot underestimate the role you play in protecting against insider threats. You are the first line of defense.
  • 27. INSIDER THREAT AWARENESS Conclusion You have just learned how insider threats affect the DoD, Federal agencies, cleared industry, and people like you. You need to be aware of these threats. You need to consider your facility, its technology and programs, and the information you know. How might you be targeted? If you suspect a potential insider threat, you must report it
  • 28. INSIDER THREAT AWARENESS Compliments of: Eric Schiowitz, Vice President – 781-373-8464, 508-561-4776, eric@expertfso.com