Even after the high-profile Edward Snowden leaks of information from the National Security Agency, most organizations still aren't taking insider threats as seriously as they should be, says Michael Theis, a chief counterintelligence expert at Carnegie Mellon University's CERT Insider Threat Center. He'll be a featured presenter at Information Security Media Group's Fraud Summits in Toronto and London.
"You would think that the problem would be getting better," Theis says in an interview with ISMG. "But according to our data, it has not changed over the last 10 years."
Too many organizations have not yet identified insider threats as being a critical issue, he says. "It takes some analytics ... to identify the vulnerabilities," Theis says.
Tracking and analyzing data that spans years is critical to detecting patterns that may indicate collusion or some other type of insider compromise, Theis says. A common warning signs of insider fraud, he says, is the downloading of files or documents that are not germane to an employee's job.
During his presentations at Sept. 17 summit in Toronto and the Sept. 23 event in London, Theis will discuss the types of insider schemes organizations most commonly face and steps they can take to mitigate their risks. Registration information is available online.
In this interview, Theis also discusses:
- Ongoing research conducted by his team on the most common types of insider threats;
- Why unintentional insider threats can be just as damaging as intentional fraud; and
- How big data is opening new doors for fraud detection.
Theis has more than 25 years of experience in counterintelligence, including his experience as a supervisory special agent supporting the U.S. intelligence community. Coupled with his more than 30 years of concurrent computer systems engineering experience, he has helped the CERT Insider Threat Center further its research and development of socio-technical controls in computational endoparacology, better known as insider threats. Previously, he was the first cyber counterintelligence program manager for the National Reconnaissance Office.