Managing Insider Risks: How to Detect and Respond to Malicious and Unintentional Threats
Fraud Summit - Chicago 2014 - Insiders - whether malicious or unintentional - pose huge threats to any organization. And no group understands the risks better than the CERT Insider Threat Center within the Software Engineering Institute at Carnegie Mellon University. Register for this session to learn first-hand from CERT's Randy Trzeciak:
See Also: Creating a User-Centric Authentication and Identity Platform for the Healthcare Industry
- The latest insider threat research;
- All about unintentional insiders;
- New technology controls to help detect anomalous behavior before fraud occurs.
As defined by the CERT Insider Threat Center within the Software Engineering Institute at Carnegie Mellon University, a malicious insider threat is "a current or former employee, contractor or other business partner who has or had authorized access to an organization's network, system or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity or availability of the organization's information or information systems."
Since 2001, the Insider Threat Center at CERT has conducted research into the threats posed by insiders and has gathered data on hundreds of cases of actual malicious insider incidents, including IT sabotage, fraud, theft of confidential or proprietary information, espionage and potential threats to the critical infrastructure of the United States.
Most recently, the Insider Threat Center has studied the unintentional insider threat, defined as:
"(1) a current or former employee, contractor, or business
partner (2) who has or had authorized access to an organization's network, system, or data and who, (3) through action or inaction without malicious intent, (4) causes harm or substantially increases the probability of future serious harm to the confidentiality, integrity, or availability of the organization's information or information systems."
View for this session, presented exclusively at the 2014 Chicago Fraud Summit, to gain the latest insights on malicious and unintentional threats, as well as security solutions that can help detect and deter them.
ISMG's Fraud Summits are one-day events focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges.
All 2014 Fraud Summit Chicago recordings:
You might also be interested in …