The Insider Threat
Presented by Demetris Kachulis
CISSP,CISA,MPM,MBA,M.Sc
dkachulis@eldionconsulting.com
Kachulis Demetris
Senior Technical Consultant
Demetris Kachulis is an expert in the field of Information Security. With over 20 years of Wall
Street consulting experience, he has worked with many Fortune 500 companies. He is currently
the director of Eldion Consulting, a company offering Security, Training and Business
solutions.
+357 97730865
dkachulis@eldionconsulting.com
www.eldionconsulting.com
https://cy.linkedin.com/in/demetri-kachulis-cissp-cisa-mpm-2456551
What it is
• An insider threat to an organization is a current or
former employee, contractor, or other business
partner who has or had authorized access to an
organization's network, system, or data and
intentionally exceeded or misused that access in a
manner that negatively affected the confidentiality,
integrity, or availability of the organization's
information or information systems.
The Insider Threat: Negligent Employees
• Data security is compromised through the
unintentional and unwise behavior of employees and
IT professionals
The Insider Threat: Disgruntled Employees
• An employee who is disgruntled or seeks to gain
financially through illicit actions that involve
corporate resources can become an insider threat
that adds a dangerous new dimension to the data
loss prevention challenge.
Reason of Misuse
How big is the Problem?
Who is next?
More Cases
Cisco Findings
• 33 percent of IT professionals were most concerned about data being lost
or stolen through USB devices.
• 39 percent of IT professionals worldwide were more concerned about the
threat from their own employees than the threat from outside hackers.
• 27 percent of IT professionals admitted that they did not know the trends
of data loss incidents over the past few years.
Threat Types
• IT Sabotage – California Case
• Theft of Information (e.g. Industrial Espionage)
• Fraud
• Threats in Software Development Life Cycle – Slicing
Stages of Data Theft
Potential Indicators
Case Study analysis
• 77 cases in the U.S. from 1996-2007
• Who – 5% ex – 95% current – M/F 50/50
– Low level – Data entry/customer info/clerks
• Why – Financial gain – 1/3 ongoing for more than a year
– A recurring pattern in the theft of information for financial gain cases
includes an outsider recruiting an insider in a low-paying, non-technical
position who has access to PII or CI
– Insiders were paid to modify data, for example credit histories
– Some insiders were able to design and carry out their own
modification scheme due to their familiarity with the organization’s
systems and business processes.
How was the attack staged?
• 95% of the insiders stole or modified the information during normal
working hours, and over 75% of the insiders used authorized access
• Five had system administrator or database administrator access and less
than 15% had privileged access
• Only 16% of the crimes involved sophisticated technical techniques
• 85% of the insiders used their own usernames and passwords to commit
their crimes.
• Slightly over 10% compromised someone else’s account
How was it detected?
• Only one of the insiders was detected due to network monitoring
activities
• Half were detected due to data irregularities
• The majority of the cases were detected by non-technical means, such as
notification of a problem by a customer
• Over 50% of the cases were detected internally by non-IT security
personnel, 26% by clients or customers of the organization, and 5% by
competitors.
What to do – The CERT list
Learn from past incidents
• Some organizations experience the same types of insider crimes more
than once
• When you have an attack, implement controls to catch it next time
• Some organizations: Create formal teams to examine past incidents and
implement new controls
Focus on Protecting your Crown Jewels
• One third of CERT’s insider theft of IP cases involve a foreign government or
organization
• What would happen if your IP was stolen and taken out of the country?
• Most insiders use authorized access to steal IP, but they don’t always require
the access!
• Some organizations: Implement extra controls for THE most critical IP
• Protect against “erosion of access controls”
Technology Use
Use of tools like:
•DLP
•SIEM
•Data Correlation
•IDS
•Network Monitoring
Mitigate Threats from Business Partners
• Trusted Business Partners (TBPs) include:
– contractors
– outsourced companies
• Some organizations:
– Specify information security controls in contracts
– Require the same controls for their TBPs as they require internally
– Audit TBP policies and procedures
– Require same policies and procedures for contractors as for employees
Recognize Behavior as a Potential Indicator
• Most prevalent in insider IT sabotage and theft of IP
• Some organizations: Educate management staff on insider threat indicators
• Communicate which employees are “on the HR radar” to security staff
Educate Employees Regarding Potential
Recruitment
• Carefully consider: do you have any systems or data that an
insider could be paid to steal or modify?
– Financial, Personally Identifiable Information (PII), identity documents, utility
bills, credit histories
• Some organizations:
– Perform periodic background checks for existing employees
Pay Close Attention to Resignation/Termination
• Change in employment status is the TOP issue of concern on the insider threat
list
• BUT… Typically not in fraud cases!
• Some organizations: Perform targeted employee monitoring
– Low performing employees
– Employees who will be laid off or terminated
• Implement special controls for their most critical IP
Address Employee Privacy Issues with the Legal
Department
• Employee privacy issues present a tricky legal issue
• Laws and regulations differ in private sector, government, and various
critical infrastructure sectors
• Some organizations: Have created and implemented insider threat policies
and processes by working with Human Resources, General Counsel,
Information Security / Information Technology, Security, and top
management
Work Together Across the Organization
• IT cannot solve this alone!
• Need communication across Management, Information Security /
Information Technology, Security, Data Owners, Software Engineering,
General Counsel, and Human Resources
• Some organizations: Achieve this communication but only after significant
suspicious activity warrants an investigation
• Have achieved proactive communication between some of these
organizational units
Create an Insider Threat Program NOW!
• In the first three months following this presentation you
should:
– Obtain buy-in from top management
– Form an insider threat team
– Create policies
– Develop processes and implement controls
• Within six months you should:
– Roll out and consistently enforce the policies
– Regularly communicate across your organization
Best Practices
• Assess risks by identifying and classifying confidential information
• Educate employees on information protection policies and procedures (such as
streamlined social media profiles), then hold them accountable
• Implement an integrated security solution that includes reputation-based security,
proactive threat protection, firewall and intrusion prevention in order to keep
malware off endpoints
• Deploy data loss prevention technologies which enable policy compliance and
enforcement
• Proactively encrypt laptops to minimize consequences of a lost device
• Implement two-factor authentication (e.g. VPN plus strong user name and
password)
• Integrate information protection practices into business processes
References
• http://www.ponemon.org/index.php
• http://www.cert.org/
Issue: Feb 2013 MMCAFRICA - EMS Auditor / Lead Auditor Training Course
?
QUESTIONS
THANK YOU
psychiatric  nursing HISTORY  COLLECTION  .docxpsychiatric  nursing HISTORY  COLLECTION  .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17  How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17  How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 

The Insider Threat

  • 1. The Insider Threat Presented by Demetris Kachulis CISSP,CISA,MPM,MBA,M.Sc dkachulis@eldionconsulting.com
  • 2. Kachulis Demetris, Senior Technical Consultant
      • Demetris Kachulis is an expert in the field of Information Security. With over 20 years of Wall Street consulting experience he has worked with many Fortune 500 companies. He is currently the director of Eldion Consulting, a company offering Security, Trainings and Business solutions.
      • +357 97730865
      • dkachulis@eldionconsulting.com
      • www.eldionconsulting.com
      • https://cy.linkedin.com/in/demetri-kachulis-cissp-cisa-mpm-2456551
  • 3. What it is
      • An insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems.
  • 4. The Insider Threat: Negligent Employees
      • Data security is compromised through the unintentional and unwise behavior of employees and IT professionals
  • 5. The Insider Threat: Disgruntled Employees
      • An employee who is disgruntled or seeks to gain financially through illicit actions that involve corporate resources can become an insider threat that adds a dangerous new dimension to the data loss prevention challenge.
  • 7. How big is the Problem?
  • 10. Cisco Findings
      • 33 percent of IT professionals were most concerned about data being lost or stolen through USB devices.
      • 39 percent of IT professionals worldwide were more concerned about the threat from their own employees than the threat from outside hackers.
      • 27 percent of IT professionals admitted that they did not know the trends of data loss incidents over the past few years.
  • 11. Threat Types
      • IT Sabotage – California Case
      • Theft of Information (e.g. Industrial Espionage)
      • Fraud
      • Threats in Software Development Life Cycle - Slicing
  • 12. Stages of Data Theft
  • 14. Case Study analysis
      • 77 cases in U.S. from 1996-2007
      • Who
          – 5% ex – 95% current
          – M/F 50/50
          – Low level
          – Data entry/customer info/clerks
      • Why
          – Financial Gain
          – 1/3 ongoing for more than a year
          – A recurring pattern in the theft of information for financial gain cases includes an outsider recruiting an insider in a low-paying, non-technical position who has access to PII or CI
          – insiders were paid to modify data, for example credit histories
          – some insiders were able to design and carry out their own modification scheme due to their familiarity with the organization's systems and business processes.
  • 15. How was the attack staged?
      • 95% of the insiders stole or modified the information during normal working hours, and over 75% of the insiders used authorized access
      • Five had system administrator or database administrator access and less than 15% had privileged access
      • Only 16% of the crimes involved sophisticated technical techniques
      • 85% of the insiders used their own usernames and passwords to commit their crimes.
      • Slightly over 10% compromised someone else's account
  • 16. How was it detected?
      • Only one of the insiders was detected due to network monitoring activities
      • Half were detected due to data irregularities
      • The majority of the cases were detected by non-technical means, such as notification of a problem by a customer
      • Over 50% of the cases were detected internally by non-IT security personnel, 26% by clients or customers of the organization, and 5% by competitors.
  • 17. What to do – The Cert list
  • 18. Learn from past incidents
      • Some organizations experience the same types of insider crimes more than once
      • When you have an attack, implement controls to catch it next time
      • Some organizations: Create formal teams to examine past incidents and implement new controls
  • 19. Focus on Protecting your Crown Jewels
      • One third of CERT's insider theft of IP cases involve a foreign government or organization
      • What would happen if your IP was stolen and taken out of the country?
      • Most insiders use authorized access to steal IP. But they don't always require the access!
      • Some organizations: Implement extra controls for THE most critical IP
      • Protect against "erosion of access controls"
  • 20. Technology Use
      • Use of tools like:
          – DLP
          – SIEM
          – Data Correlation
          – IDS
          – Network Monitoring
  • 21. Mitigate Threats from Business Partners
      • Trusted Business Partners (TBPs) include:
          – contractors
          – outsourced companies
      • Some organizations:
          – Specify information security controls in contracts
          – Require the same controls for their TBPs as they require internally
          – Audit TBP policies and procedures
          – Require same policies and procedures for contractors as for employees
  • 22. Recognize Behavior as a Potential Indicator
      • Most prevalent in insider IT sabotage and theft of IP
      • Some organizations: Educate management staff on insider threat indicators
      • Communicate employees "on the HR radar" to security staff
  • 23. Educate Employees Regarding Potential Recruitment
      • Carefully consider: do you have any systems or data that an insider could be paid to steal or modify?
          – Financial, Personally Identifiable Information (PII), identity documents, utility bills, credit histories
      • Some organizations:
          – Perform periodic background checks for existing employees
  • 24. Pay Close Attention to Resignation/Termination
      • Change in employment status is the TOP issue of concern in insider threat list
      • BUT… Typically not in fraud cases!
      • Some organizations: Perform targeted employee monitoring
          – Low performing employees
          – Employees who will be laid off or terminated
      • Implement special controls for their most critical IP
  • 25. Address Employee Privacy Issues with the Legal Department
      • Employee privacy issues present a tricky legal issue
      • Laws and regulations differ in private sector, government, and various critical infrastructure sectors
      • Some organizations: Have created and implemented insider threat policies and processes by working with Human Resources, General Counsel, Information Security / Information Technology, Security, and top management
  • 26. Work Together Across the Organization
      • IT cannot solve this alone!
      • Need communication across Management, Information Security / Information Technology, Security, Data Owners, Software Engineering, General Counsel, and Human Resources
      • Some organizations:
          – Achieve this communication but only after significant suspicious activity warrants an investigation
          – Have achieved proactive communication between some of these organizational units
  • 27. Create an Insider Threat Program NOW!
      • In the first three months following this presentation you should:
          – Obtain buy-in from top management
          – Form an insider threat team
          – Create policies
          – Develop processes and implement controls
      • Within six months you should:
          – Roll out and consistently enforce the policies
          – Regularly communicate across your organization
  • 28. Best Practices
      • Assess risks by identifying and classifying confidential information
      • Educate employees on information protection policies and procedures (such as streamlined social media profiles), then hold them accountable
      • Implement an integrated security solution that includes reputation-based security, proactive threat protection, firewall and intrusion prevention in order to keep malware off endpoint
      • Deploy data loss prevention technologies which enable policy compliance and enforcement
      • Proactively encrypt laptops to minimize consequences of a lost device
      • Implement two-factor authentication (Ex. VPN plus strong user name and password)
      • Integrate information protection practices into business processes
  • 30. QUESTIONS? THANK YOU
      • Issue: Feb 2013, MMCAFRICA - EMS Auditor / Lead Auditor Training Course
      • +357 97730865
      • dkachulis@eldionconsulting.com
      • https://cy.linkedin.com/in/demetri-kachulis-cissp-cisa-mpm-2456551
      • www.eldionconsulting.com
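
Slides 15 and 16 report that most insiders acted during normal working hours with their own credentials, and that half of the cases surfaced through data irregularities. The following added example (not part of the presentation) reconciles a constructed audit trail against approved change requests and compares the result with a simple time-of-day rule; the log columns, ticket IDs, user names and working-hours window are all assumptions.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Constructed audit trail of changes to a sensitive table (sample data, not real).
AUDIT_CSV = """\
ts,login,workstation_owner,record_id,field,ticket
2013-02-04T10:12:00,clerk07,clerk07,C-1001,credit_score,CR-311
2013-02-04T11:40:00,clerk12,clerk12,C-2207,credit_score,
2013-02-05T14:05:00,clerk12,clerk12,C-2290,credit_score,
2013-02-05T15:31:00,clerk12,clerk12,C-2313,credit_score,CR-999
2013-02-06T02:10:00,dba01,dba01,C-1001,address,CR-320
2013-02-06T09:55:00,clerk07,clerk03,C-4410,credit_score,
"""
# Constructed list of approved change requests: ticket -> record it covers.
APPROVED = {"CR-311": "C-1001", "CR-320": "C-1001"}
WORK_HOURS = range(8, 18)  # assumed working day, 08:00-17:59

def load(text):
    return list(csv.DictReader(io.StringIO(text)))

def off_hours_alerts(rows):
    """Time-of-day rule: flags only activity outside working hours."""
    return [r for r in rows
            if datetime.fromisoformat(r["ts"]).hour not in WORK_HOURS]

def irregularities(rows):
    """Flag changes lacking an approved ticket for that record, or made with
    a login from a workstation assigned to a different user."""
    findings = []
    for r in rows:
        reasons = []
        if APPROVED.get(r["ticket"]) != r["record_id"]:
            reasons.append("no approved change request for this record")
        if r["login"] != r["workstation_owner"]:
            reasons.append("login used from another user's workstation")
        if reasons:
            findings.append((r["login"], r["record_id"], reasons))
    return findings

def by_login(findings):
    return dict(Counter(login for login, _, _ in findings))

if __name__ == "__main__":
    rows = load(AUDIT_CSV)
    print("off-hours rule:", [(r["login"], r["record_id"]) for r in off_hours_alerts(rows)])
    for finding in irregularities(rows):
        print("irregularity:", finding)
    print("per login:", by_login(irregularities(rows)))
```

On this sample the time-of-day rule raises a single alert, for an approved change, while the reconciliation surfaces four unapproved modifications that all took place during working hours.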