Governance & Risk Management , Insider Threat

Former NSA Deputy Director Chris Inglis on Combating Insider Threats

Part 3 in the 4 part series

In this third video of a four-part series, Chris Inglis, former NSA deputy director and current Securonix advisory board chair, sits down with Securonix CEO Sachin Nayyar to discuss today's insider threats.

Over time, the increasing complexity of enterprise systems has necessarily concentrated more power in the hands of individuals. Insiders can access more data, store more, and do more harm than ever before.

"Organizations vastly underestimate the likelihood of an insider attack," says Inglis. "It only takes one in a company of thousands. The proper estimation is one, as in 100 percent likely."

Insiders are not just defined as the employees and contractors within an organization, they are users or entities that operate with privileged access. An insider attack is any misuse of credentials that exploit vulnerabilities presented by privileged access to data and applications.

Traditional security tools are useless against attackers with privileged access and legitimate credentials. Defending the network is good. But what about protecting what really matters: the data! To detect misuse of privilege, organizations must have visibility into their data and real-time analytics of the behavior against it.


About the Author

John C. Inglis

John C. Inglis

former Deputy Director of the NSA

Inglis retired from the Department of Defense in January 2014 following over 41 years of federal service, including 28 years at NSA and seven and a half years as its senior civilian and Deputy Director. He began his career at NSA as a computer scientist within the National Computer Security Center followed by tours in information assurance, policy, time-sensitive operations, and signals intelligence organizations. Promoted to NSA's Senior Executive Service in 1997, Inglis held a variety of senior leadership assignments and twice served away from NSA Headquarters, first as a visiting professor of computer science at the U.S. Military Academy (1991-1992) and later as the U.S. Special Liaison to the United Kingdom (2003-2006).

Sachin Nayyar

Sachin Nayyar

CEO, Securonix

Nayyar has over 15 years of experience providing thought leadership around Information Security. He is a renowned thought leader in areas of Role Design, Role Management, Regulations, Risk Management, Compliance, Identity/Access and Governance. Prior to Securonix, Sachin was the Founder and CEO of Saviynt - a leading provider of Cloud Access Governance and Intelligence solutions and Vaau - makers of role management and identity compliance solutions, where he took the company from conception to acquisition by Sun Microsystems. While at Sun, he held the role of Chief Identity Strategist responsible for vision and direction of Sun's entire security portfolio.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.