Insights on Detecting Insider ThreatsCarnegie Mellon's Theis on Applying Science-Based Models to Fight the Battle
Despite the focus on external cyberattacks, insider attacks are almost as common and can potentially cause significantly more damage, says Michael Theis, chief counterintelligence expert at Carnegie Mellon's CERT Insider Threat Center.
In this video interview at Information Security Media Group's 2015 San Francisco Fraud Summit, Theis describes how science-based models can help organizations fight the battle from within. He also discusses:
- The four categories of insider threats;
- The type and degree of damage resulting from insider attacks; and
- The models and strategies CERT has devised to mitigate such threats.
Theis has more than 25 years of experience as a counterintelligence supervisory special agent supporting the U.S. intelligence community, and more than 30 years of concurrent computer systems engineering experience. In his role at Carnegie Mellon's CERT Insider Threat Center, he focuses on research and development of socio-technical controls in computational endoparacology. Previously, he was the first cyber counterintelligence program manager for the National Reconnaissance Office, where he served as chief of cyber-CI investigations and operations for more than six years.