SlideShare a Scribd company logo

The insider versus external threat

Download as PPT, PDF
Z
zhihaochen

Information security

Technology
1 of 16
The Insider versus External Threat Zhi Hao Chen(30113181) Pavan Geddam(30127867) Sasidhar Bandla(30121080)
The Insider Threat • What is insider threat? An insider threat is generally defined as a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization's information or information systems. Insiders do not always act alone and may not be aware they are aiding a threat actor (i.e. the unintentional insider threat).
The Insider Threat • Some characteristics of Insiders at Risk of Becoming a Threat 1. Greed/ financial need 2. Reduced loyalty 3. Pattern of frustration and disappointment 4. Inability to assume responsibility for their actions
The Insider Threat How to know who is insider Acting differently Download or copy more information from the company than they should know Working long hours than others
The Insider Threat Decrease insider threat • Training employees to recognize phishing and other social media threat vectors • Train continuously to maintain the proper levels of knowledge skills and abilities • Maintain staff values and attitudes that align with organizational mission and ethics • Improve usability of security tools • Improve usability of software to reduce the likelihood of system-induced human error
The Insider Threat  Defend your organisation from insider crime by: • Effective supervision – set the tone from the top • An anti-fraud strategy, tailored to the needs of the particular organisation • Listening to staff concerns and encouraging them to speak up • Looking for weaknesses in controls and systems • Technical controls such as server room audit trails and disabled USB access to prevent data theft • Effective pre-employment screening • Disabling access privileges on termination of employment • Be honest – report fraud, prosecute if necessary and give truthful references for employees
External Threat •External threats are anything from your organization's outside environment that can adversely affect its performance or achievement of its goals. Ironically, stronger organizations can be exposed to a greater level of threats than weaker organizations because success breeds envy and competition to take what your organization has achieved.
External Threat An external threat includes: •individuals outside an organization attempting to gain unauthorized access to an organization’s networks using the Internet, other networks, or dial-up modems. •flooding a network with large volumes of access requests so that the network is unable to respond to legitimate requests, one type of denial-of-service attack.
External Threat External Accidents •Modern business computer systems are large and distributed. In addition to an organization’s internal network, many important components reside on the public Internet. This means that a complex chain of events can affect an IT database in unpredictable ways. For example, a heavy storm in one region of the country can cut power to a server that stores software licenses for other servers. With licenses unavailable, database backup software may not function at its scheduled time, leaving the database open to irreversible corruption.
External Threat External Attacks •The most frightening attacks come from skilled and sophisticated external hackers. These attackers can find network vulnerabilities or socially manipulate insiders to get past outer network defenses. Since an organization’s software applications maintain open connections to IT databases, hackers seek to take control of these applications after they get inside, often by seeking application passwords set to their defaults
Insider Vs External Threats •A threat originating outside a company, government agency, or institution. In contrast, an internal threat is one originating inside the organization. •The relative susceptibility to insider- and outsider-originated attacks depends on many factors. Let’s discuss some of them
Insider Vs External Threats • Only 39 percent of survey respondents said they were victims of a cyberattack • 16% were attacked from an external source • 13% were attacked from an internal source • 10% were attacked from both internal and external sources • 61% reported that they were not attacked
Insider Vs External Threats • Personnel security. Some organizations carefully screen all personnel before they are allowed access to computing systems, to determine whether their background is sufficiently unblemished to merit trust in them. Good personnel security substantially diminishes the threat of an insider attack. • Network architecture. Networks that have traffic screening and security management barriers generally provide less opportunity for outsider attacks than do those that do not. Multiple entry points (as opposed to a single entry point) into a network are more conducive to outsider attacks.
Insider Vs External Threats • Intrusion detection capabilities. Deploying intrusion detection tools appropriately and taking the time to carefully investigate the data they provide can also affect the relative proportion of insider versus outsider attacks. Most of today's commercial intrusion detection tools are better at discovering outsider attacks. Most current attacks on networks and the systems therein do not occur at a single point in time, they often occur over a period of days, weeks and even months. Intrusion detection tools can help shut these attacks off by enabling an organization to discover an attack early, thereby enabling network and security administrators to change packet-filtering rules, disconnect target machines from the network, and take other evasive measures to prevent further, successful attacks. The overall result is less likelihood of outsider attacks (although insider attacks can also be reduced in a similar manner).
References • https://www.us-cert.gov/sites/default/files/publications/Combating%20the%20Insider %20Threat_0.pdf • http://www.thesecurityco.com/media/40631/Whitepaper-insider-threat_January2013.pdf • http://www.yourdictionary.com/external-threat • http://education-portal.com/academy/lesson/external-opportunities-threats-in-swot-analysis- examples-definition-quiz.html#lesson • http://itlaw.wikia.com/wiki/External_threat • http://searchsecurity.techtarget.com/tip/The-worse-of-two-evils-Internal-vs-external-security- threats • http://www.integritysrc.com/blog/223-internal-vs-external-threats-which-one-worries-you-more • http://smallbusiness.chron.com/difference-between-internal-external-threats-database- 74165.html • https://www.saintcorporation.com/solutions/smallBusiness.html
Question time!!! Thank you~~~

Recommended

Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityDavid Mai, MBA
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider ThreatMurray Security Services
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider ThreatsLancope, Inc.
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasuresKAMRAN KHALID
 

Recommended

Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes ObserveIT
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityDavid Mai, MBA
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider ThreatMurray Security Services
 
Identify and Stop Insider Threats
Identify and Stop Insider ThreatsIdentify and Stop Insider Threats
Identify and Stop Insider ThreatsLancope, Inc.
 
Detecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatDetecting-Preventing-Insider-Threat
Detecting-Preventing-Insider-ThreatMike Saunders
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasuresKAMRAN KHALID
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeDavid Mai, MBA
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionObserveIT
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chainTarun Gupta,CRISC CISSP CISM CISA BCCE
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?ObserveIT
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3Lancope, Inc.
 
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCybera Inc.
 
Ht t17
Ht t17Ht t17
Ht t17SelectedPresentations
 
Insider Threat Final Powerpoint Prezi
Insider Threat Final Powerpoint PreziInsider Threat Final Powerpoint Prezi
Insider Threat Final Powerpoint PreziKashif Semple
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCapri Insurance
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsPhish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsObserveIT
 
ObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT
 
How to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramHow to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramObserveIT
 
Insider threat
Insider threatInsider threat
Insider threatARCON TECHSOLUTIONS
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyResilient Systems
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWPICPE
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 
Difficulty Paper: Salvatori's Basic Assignment
Difficulty Paper: Salvatori's Basic AssignmentDifficulty Paper: Salvatori's Basic Assignment
Difficulty Paper: Salvatori's Basic AssignmentIlene Dawn Alexander
 
Amy Haddad: Difficulty Paper Handout for Students
Amy Haddad: Difficulty Paper Handout for StudentsAmy Haddad: Difficulty Paper Handout for Students
Amy Haddad: Difficulty Paper Handout for StudentsCenter for Teaching & Learning - University of Minnesota
 

More Related Content

What's hot

Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeDavid Mai, MBA
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionObserveIT
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRIZivaro Inc
 
Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?ObserveIT
 
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCybera Inc.
 
Insider Threat Final Powerpoint Prezi
Insider Threat Final Powerpoint PreziInsider Threat Final Powerpoint Prezi
Insider Threat Final Powerpoint PreziKashif Semple
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCapri Insurance
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsPhish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsObserveIT
 
ObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT
 
How to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramHow to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramObserveIT
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyResilient Systems
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatAndrew Case
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWPICPE
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsSarah Cirelli
 

What's hot (20)

Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat Detection
 
Insider threat kill chain
Insider threat kill chainInsider threat kill chain
Insider threat kill chain
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
 
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCyber Summit 2016: Insider Threat Indicators: Human Behaviour
Cyber Summit 2016: Insider Threat Indicators: Human Behaviour
 
Ht t17
Ht t17Ht t17
Ht t17
 
Insider Threat Final Powerpoint Prezi
Insider Threat Final Powerpoint PreziInsider Threat Final Powerpoint Prezi
Insider Threat Final Powerpoint Prezi
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutions
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other RegulationsPhish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
Phish, Spoof, Scam: Insider Threats, the GDPR & Other Regulations
 
ObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity ManagementObserveIT Webinar: Privileged Identity Management
ObserveIT Webinar: Privileged Identity Management
 
How to Implement an Insider Threat Program
How to Implement an Insider Threat ProgramHow to Implement an Insider Threat Program
How to Implement an Insider Threat Program
 
Insider threat
Insider threatInsider threat
Insider threat
 
Anatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The UglyAnatomy Of A Breach: The Good, The Bad & The Ugly
Anatomy Of A Breach: The Good, The Bad & The Ugly
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider Threat
 
Webinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity RiskWebinar - Reducing Your Cybersecurity Risk
Webinar - Reducing Your Cybersecurity Risk
 
Cybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial InstitutionsCybersecurity Risk Management for Financial Institutions
Cybersecurity Risk Management for Financial Institutions
 

Viewers also liked

Difficulty Paper: Salvatori's Basic Assignment
Difficulty Paper: Salvatori's Basic AssignmentDifficulty Paper: Salvatori's Basic Assignment
Difficulty Paper: Salvatori's Basic AssignmentIlene Dawn Alexander
 
Analysing your assignment/thesis topic
Analysing your assignment/thesis topicAnalysing your assignment/thesis topic
Analysing your assignment/thesis topicSusanne Noll
 
Protecting Data in Untrusted Locations
Protecting Data in Untrusted LocationsProtecting Data in Untrusted Locations
Protecting Data in Untrusted LocationsJan Schaumann
 
The Thing About Protecting Data Is, You Have To Protect Data
The Thing About Protecting Data Is, You Have To Protect DataThe Thing About Protecting Data Is, You Have To Protect Data
The Thing About Protecting Data Is, You Have To Protect DataAndy LoPresto
 
Tools and tips for protecting value in start-up companies
Tools and tips for protecting value in start-up companiesTools and tips for protecting value in start-up companies
Tools and tips for protecting value in start-up companiesJohan Örneblad
 
Vegas in may part 2 ppsx
Vegas in may part 2 ppsxVegas in may part 2 ppsx
Vegas in may part 2 ppsxSusan Joyce
 
12 Steps on the Journey Towards Valuable Data
12 Steps on the Journey Towards Valuable Data12 Steps on the Journey Towards Valuable Data
12 Steps on the Journey Towards Valuable DataJason Edge
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatImperva
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityObserveIT
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsSplunk
 
Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...
Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...
Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...Oleg Zhuravlev
 
Protecting Data Everywhere - Barracuda
Protecting Data Everywhere - BarracudaProtecting Data Everywhere - Barracuda
Protecting Data Everywhere - BarracudaMarcoTechnologies
 
Supercharging the Value of Your Data with Amazon S3
Supercharging the Value of Your Data with Amazon S3Supercharging the Value of Your Data with Amazon S3
Supercharging the Value of Your Data with Amazon S3Amazon Web Services
 

Viewers also liked (17)

Difficulty Paper: Salvatori's Basic Assignment
Difficulty Paper: Salvatori's Basic AssignmentDifficulty Paper: Salvatori's Basic Assignment
Difficulty Paper: Salvatori's Basic Assignment
 
Amy Haddad: Difficulty Paper Handout for Students
Amy Haddad: Difficulty Paper Handout for StudentsAmy Haddad: Difficulty Paper Handout for Students
Amy Haddad: Difficulty Paper Handout for Students
 
Amy Haddad: Analysis of Difficulty Paper Assignment
Amy Haddad: Analysis of Difficulty Paper AssignmentAmy Haddad: Analysis of Difficulty Paper Assignment
Amy Haddad: Analysis of Difficulty Paper Assignment
 
Analysing your assignment/thesis topic
Analysing your assignment/thesis topicAnalysing your assignment/thesis topic
Analysing your assignment/thesis topic
 
Protecting Data in Untrusted Locations
Protecting Data in Untrusted LocationsProtecting Data in Untrusted Locations
Protecting Data in Untrusted Locations
 
The Thing About Protecting Data Is, You Have To Protect Data
The Thing About Protecting Data Is, You Have To Protect DataThe Thing About Protecting Data Is, You Have To Protect Data
The Thing About Protecting Data Is, You Have To Protect Data
 
Tools and tips for protecting value in start-up companies
Tools and tips for protecting value in start-up companiesTools and tips for protecting value in start-up companies
Tools and tips for protecting value in start-up companies
 
Vegas in may part 2 ppsx
Vegas in may part 2 ppsxVegas in may part 2 ppsx
Vegas in may part 2 ppsx
 
12 Steps on the Journey Towards Valuable Data
12 Steps on the Journey Towards Valuable Data12 Steps on the Journey Towards Valuable Data
12 Steps on the Journey Towards Valuable Data
 
The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider Threat
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
 
The Insider Threats - Are You at Risk?
The Insider Threats - Are You at Risk?The Insider Threats - Are You at Risk?
The Insider Threats - Are You at Risk?
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior Analytics
 
Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...
Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...
Software proposal sample_project_1-_web_site_development_by_zx_7_of_november_...
 
Protecting Data Everywhere - Barracuda
Protecting Data Everywhere - BarracudaProtecting Data Everywhere - Barracuda
Protecting Data Everywhere - Barracuda
 
Supercharging the Value of Your Data with Amazon S3
Supercharging the Value of Your Data with Amazon S3Supercharging the Value of Your Data with Amazon S3
Supercharging the Value of Your Data with Amazon S3
 

Similar to The insider versus external threat

Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badbanerjeea
 
Hacking the Human - How Secure Is Your Organization?
Hacking the Human - How Secure Is Your Organization?Hacking the Human - How Secure Is Your Organization?
Hacking the Human - How Secure Is Your Organization?CBIZ, Inc.
 
Countering Advanced Persistent Threats
Countering Advanced Persistent ThreatsCountering Advanced Persistent Threats
Countering Advanced Persistent ThreatsBooz Allen Hamilton
 
Insider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdfInsider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdframsetl
 
Threats in network that can be noted in security
Threats in network that can be noted in securityThreats in network that can be noted in security
Threats in network that can be noted in securityssuserec53e73
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecurityImperva
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat IntelligenceMarlabs
 
Benefit from Penetration Testing Certification
Benefit from Penetration Testing CertificationBenefit from Penetration Testing Certification
Benefit from Penetration Testing Certificationshanaadams190
 
Insider threats
Insider threatsInsider threats
Insider threatsizoologic
 
Top Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in EuropeTop Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in Europeroxanaaleena
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
Synack cirtical infrasructure webinar
Synack cirtical infrasructure webinarSynack cirtical infrasructure webinar
Synack cirtical infrasructure webinarSynack
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
Cyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .pptCyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .pptwaleejhaider1
 

Similar to The insider versus external threat (20)

Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
 
Hacking the Human - How Secure Is Your Organization?
Hacking the Human - How Secure Is Your Organization?Hacking the Human - How Secure Is Your Organization?
Hacking the Human - How Secure Is Your Organization?
 
Countering Advanced Persistent Threats
Countering Advanced Persistent ThreatsCountering Advanced Persistent Threats
Countering Advanced Persistent Threats
 
COMPUTER APPLICATIONS Module 4.pptx
COMPUTER APPLICATIONS Module 4.pptxCOMPUTER APPLICATIONS Module 4.pptx
COMPUTER APPLICATIONS Module 4.pptx
 
Insider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdfInsider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdf
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
 
Threats in network that can be noted in security
Threats in network that can be noted in securityThreats in network that can be noted in security
Threats in network that can be noted in security
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber Security
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Benefit from Penetration Testing Certification
Benefit from Penetration Testing CertificationBenefit from Penetration Testing Certification
Benefit from Penetration Testing Certification
 
Insider threats
Insider threatsInsider threats
Insider threats
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
 
Top Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in EuropeTop Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in Europe
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from Ransomware
 
Synack cirtical infrasructure webinar
Synack cirtical infrasructure webinarSynack cirtical infrasructure webinar
Synack cirtical infrasructure webinar
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
Cyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .pptCyber Crime and Security Ch 1 .ppt
Cyber Crime and Security Ch 1 .ppt
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

Recently uploaded (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

The insider versus external threat

  • 1. The Insider versus External Threat Zhi Hao Chen(30113181) Pavan Geddam(30127867) Sasidhar Bandla(30121080)
  • 2. The Insider Threat • What is insider threat? An insider threat is generally defined as a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization's information or information systems. Insiders do not always act alone and may not be aware they are aiding a threat actor (i.e. the unintentional insider threat).
  • 3. The Insider Threat • Some characteristics of Insiders at Risk of Becoming a Threat 1. Greed/ financial need 2. Reduced loyalty 3. Pattern of frustration and disappointment 4. Inability to assume responsibility for their actions
  • 4. The Insider Threat How to know who is insider Acting differently Download or copy more information from the company than they should know Working long hours than others
  • 5. The Insider Threat Decrease insider threat • Training employees to recognize phishing and other social media threat vectors • Train continuously to maintain the proper levels of knowledge skills and abilities • Maintain staff values and attitudes that align with organizational mission and ethics • Improve usability of security tools • Improve usability of software to reduce the likelihood of system-induced human error
  • 6. The Insider Threat  Defend your organisation from insider crime by: • Effective supervision – set the tone from the top • An anti-fraud strategy, tailored to the needs of the particular organisation • Listening to staff concerns and encouraging them to speak up • Looking for weaknesses in controls and systems • Technical controls such as server room audit trails and disabled USB access to prevent data theft • Effective pre-employment screening • Disabling access privileges on termination of employment • Be honest – report fraud, prosecute if necessary and give truthful references for employees
  • 7. External Threat •External threats are anything from your organization's outside environment that can adversely affect its performance or achievement of its goals. Ironically, stronger organizations can be exposed to a greater level of threats than weaker organizations because success breeds envy and competition to take what your organization has achieved.
  • 8. External Threat An external threat includes: •individuals outside an organization attempting to gain unauthorized access to an organization’s networks using the Internet, other networks, or dial-up modems. •flooding a network with large volumes of access requests so that the network is unable to respond to legitimate requests, one type of denial-of-service attack.
  • 9. External Threat External Accidents •Modern business computer systems are large and distributed. In addition to an organization’s internal network, many important components reside on the public Internet. This means that a complex chain of events can affect an IT database in unpredictable ways. For example, a heavy storm in one region of the country can cut power to a server that stores software licenses for other servers. With licenses unavailable, database backup software may not function at its scheduled time, leaving the database open to irreversible corruption.
  • 10. External Threat External Attacks •The most frightening attacks come from skilled and sophisticated external hackers. These attackers can find network vulnerabilities or socially manipulate insiders to get past outer network defenses. Since an organization’s software applications maintain open connections to IT databases, hackers seek to take control of these applications after they get inside, often by seeking application passwords set to their defaults
  • 11. Insider Vs External Threats •A threat originating outside a company, government agency, or institution. In contrast, an internal threat is one originating inside the organization. •The relative susceptibility to insider- and outsider-originated attacks depends on many factors. Let’s discuss some of them
  • 12. Insider Vs External Threats • Only 39 percent of survey respondents said they were victims of a cyberattack • 16% were attacked from an external source • 13% were attacked from an internal source • 10% were attacked from both internal and external sources • 61% reported that they were not attacked
  • 13. Insider Vs External Threats • Personnel security. Some organizations carefully screen all personnel before they are allowed access to computing systems, to determine whether their background is sufficiently unblemished to merit trust in them. Good personnel security substantially diminishes the threat of an insider attack. • Network architecture. Networks that have traffic screening and security management barriers generally provide less opportunity for outsider attacks than do those that do not. Multiple entry points (as opposed to a single entry point) into a network are more conducive to outsider attacks.
  • 14. Insider Vs External Threats • Intrusion detection capabilities. Deploying intrusion detection tools appropriately and taking the time to carefully investigate the data they provide can also affect the relative proportion of insider versus outsider attacks. Most of today's commercial intrusion detection tools are better at discovering outsider attacks. Most current attacks on networks and the systems therein do not occur at a single point in time, they often occur over a period of days, weeks and even months. Intrusion detection tools can help shut these attacks off by enabling an organization to discover an attack early, thereby enabling network and security administrators to change packet-filtering rules, disconnect target machines from the network, and take other evasive measures to prevent further, successful attacks. The overall result is less likelihood of outsider attacks (although insider attacks can also be reduced in a similar manner).
  • 15. References • https://www.us-cert.gov/sites/default/files/publications/Combating%20the%20Insider %20Threat_0.pdf • http://www.thesecurityco.com/media/40631/Whitepaper-insider-threat_January2013.pdf • http://www.yourdictionary.com/external-threat • http://education-portal.com/academy/lesson/external-opportunities-threats-in-swot-analysis- examples-definition-quiz.html#lesson • http://itlaw.wikia.com/wiki/External_threat • http://searchsecurity.techtarget.com/tip/The-worse-of-two-evils-Internal-vs-external-security- threats • http://www.integritysrc.com/blog/223-internal-vs-external-threats-which-one-worries-you-more • http://smallbusiness.chron.com/difference-between-internal-external-threats-database- 74165.html • https://www.saintcorporation.com/solutions/smallBusiness.html