Hackers of India

Insider Threats - Best Practices and Common Pitfalls

By  Georgie Kurien  on 06 Aug 2023 @ C0c0n


Presentation Material

AI Generated Summarymay contain errors

Here is a summary of the content:

The speaker, , a risk assessment professional,2017 expert, highlights common pitfalls in insider security incident management. Five key areas are underestimated or neglected:

  1. Training and tuning: Insider threats require a human element, which cannot be addressed solely with technology. Organizations must invest in training and tuning their security incident management programs to address specific scenarios.

  2. Policy failures: Policies are often created without involving individuals who will be affected by them, leading to policy failures. Accountability and communication are crucial to successful policy implementation.

  3. Over-reliance on technology solutions: Relying solely on technology can neglect human-centered countermeasures. Integration of tools with sensitive segments within the organization is often lacking, and customization is insufficient.

  4. Limited collaboration: Collaboration between business departments, Human Resources, Information Security, executive management, and third parties is essential for effective insider security incident management.

  5. Response delays: Delays in response to insider threats can be attributed to a lack of understanding of the organization’s culture and the human element involved.

The speaker emphasizes that asking the right questions during risk assessments can provide valuable insights. Two specific questions can give maximum return on investment:

  1. How can sensitive data be taken out of the organization?
  2. What is the maximum damage that a person in a particular role can cause to the platform or data?

These questions can help identify real problems and vulnerabilities within an organization. The speaker concludes by inviting feedback, corrections, and discussions from the audience to enrich the topic further.