Cyber Beat Live: I'm In! When insiders threaten our security
How does your organization work to prevent insider threats? Leading cybersecurity experts discussed ways that companies could reorient their security posture to face an age in which trust seems inadequate. Here are some of the questions discussed:
- What do you think would be the most extensive damage done by an insider?
- How do we avoid hiring employees who are prone to insider threat? Are there indicators we can look for? Are these be evident in screening?
- What roles in an organization are most likely to pose insider threats?
- How can the human resources department and the chief information security officer (CISO) help prevent insider attacks?
- What dangers lie in thinking about insider threats as merely a technology problem?
- Is training the answer? What else should be done to mitigate insider threats?
- In an age when information is so easy to steal, what can we do to prevent insider threat theft when “trust” seems inadequate?
- How can we identify and counter external cyber threats that might be linked to insiders’ internal cyber threat activities?
- What are the primary motivations for someone to commit insider threat?
Bob Stasio is a senior product manager of cyber analysis with IBM i2 Safer Planet. He brings nearly 14 years of expertise fighting top-tier malicious actors in the intelligence community, the US military, the National Security Agency (NSA) and the commercial sector. Stasio also served on the initial staff of US Cyber Command. During the troop surge of 2007, his intelligence unit supported the detainment of more than 450 high-value targets.
Morgan Wright is an internationally recognized expert on cybersecurity strategy, cyber terrorism, identity theft and privacy whose landmark congressional testimony about Healthcare.gov changed how the government collected personally identifiable information. He has spoken on cybersecurity to audiences around the world in hundreds of appearances on national news programs and radio broadcasts, as well as in print and online.
Scott N. Schober, a cybersecurity expert, is president and CEO of Berkeley Varitronics Systems, Inc., a 40-year-old provider of advanced wireless radio frequency (RF) test and security solutions. Schober has overseen the development of numerous cell phone detection tools used to enforce “no cell phone” policies in corporate, correctional, law enforcement, military, secured government and university facilities. He regularly appears on Arise TV, Bloomberg TV and Canadian TV News and has made numerous appearances as a cybersecurity expert on Al Jazeera America, CCTV America, CNBC, CNN, Fox Business Channel, Fox News, Inside Edition, MSNBC, One America News (OAN), PIX11 and TheBlaze, among other outlets. Schober has also presented as a subject-matter expert (SME) discussing cybersecurity and corporate espionage at numerous conferences worldwide.
Paul Janes, CISSP, GIAC GISP is president of CoreTriad, LLC, a locally owned company that specializes in vulnerability assessments for small businesses while also developing online training for cybersecurity professionals. He has been involved as a subject-matter expert in the development of an accredited Cyber First Responder Certification and is a speaker for industry security conferences. Paul has more than 19 years of experience in IT security with a Fortune 500 company. His areas of expertise include vulnerability assessments, penetration tests, data loss prevention (DLP), risk management, project management and server management. Paul graduated with distinction from Capella University, earning a master’s degree in information assurance, and holds a bachelor’s degree in computer and information studies from Syracuse University.