Imago Techmedia Ltd is registered in England and Wales under Company No. 04865455.
Registered Office: Bedford House, Fulham Green, 69-79 Fulham High Street, London, SW6 3JW, United Kingdom
Business Address: Imago Techmedia, 2C Bedford House, Fulham Green, 69-79 Fulham High Street, London, SW6 3JW, United Kingdom
Imago Techmedia is a subsidiary of Clarion Events Limited
Cyber Threat Protection Theatre
Wed 5th Oct 14:20 to 14:50
How do you spot the insider threat?
Insiders are the new malware. Nearly every major security breach starts with an insider, or an attacker using an insider’s credentials.
2015 was a remarkable year for insider threats. It’s estimated that the average organisation suffered from 3.8 insider attacks last year and 45% of businesses can’t tell if they’ve suffered a breach. In order to combat the insider threat, organisations need to shift their focus from the perimeter to their data itself.
Organisations have to face the new reality that it is not a matter of if they will be breached, but when they will be breached. Attackers are already inside – either rightfully as an employee or contractor, or through legitimate but compromised credentials as an outside hacker. Their presence on a network wouldn’t necessarily look suspicious to IT, but their activity would likely appear anomalous. Still, users’ behaviour on many internal systems is rarely monitored or analysed.
This session will review a User Behaviour Analytics methodology for connecting disparate sets of data to detect signs of a breach, arrest the actions, and recover from the incident.
What you will take away from this session
- What is User Behaviour Analytics and why your business should consider using it
- Understand the different stages of an insider threat incident
- What are the data sets and indicators to look out for that elevate otherwise indistinguishable user behaviour to indicate a serious threat in progress
- How User Behaviour Analytics can protect you from ransomware and other malware variants
|John Hughes||View Profile|