Presentation is loading. Please wait.

Presentation is loading. Please wait.

CENTRA T ECHNOLOGY, I NC. 1 5 Steps To Protect Your Company Katherine D. Mills CENTRA Technology, Inc. Insider Threat:

Published byMarybeth Jennings Modified over 8 years ago

Similar presentations

Presentation on theme: "CENTRA T ECHNOLOGY, I NC. 1 5 Steps To Protect Your Company Katherine D. Mills CENTRA Technology, Inc. Insider Threat:"— Presentation transcript:

1 CENTRA T ECHNOLOGY, I NC. 1 5 Steps To Protect Your Company Katherine D. Mills CENTRA Technology, Inc. Insider Threat:

2 CENTRA T ECHNOLOGY, I NC. 2 Introduction  5 Step Process –Creating a plan for your company  Best Practices –Transforming your company –CI Indicators

3 CENTRA T ECHNOLOGY, I NC. 3 Threat is Now: Recent Malicious Insiders Major Nidal Hassan – Responsible for shooting at Fort Hood Texas Aaron Alexis – Responsible for shooting at the Washington Navy Yard Bradley “Chelsea” Manning – Unauthorized disclosure to WikiLeaks Edward Snowden – Unauthorized disclosure of NSA surveillance programs

4 CENTRA T ECHNOLOGY, I NC. 4 Other Malicious Insiders  Telecommunications employee  Aerospace engineer  Software engineer  Chemical contractor  Search insider threat –Hundreds of examples, costing the Government and companies millions

5 CENTRA T ECHNOLOGY, I NC. 5 Why Consider Insider Threat?  Protect national security and corporate assets –We don’t want to be in the news  Will be required by Government –Changes to NISPOM –Required by Sponsors  Want to ensure we are taking positive steps to protect our company and assets

6 CENTRA T ECHNOLOGY, I NC. 6 How to Begin…  Do your research: Tons of free resources available –CERT Common Sense Guide to Mitigating Insider Threats –DSS Insider threat video and brochures –FBI website and movie “Betrayed” –ONCIX website –ASIS “Confronting the Insider Threat,” October 2013

7 CENTRA T ECHNOLOGY, I NC. 7 CERT  Common Sense Guide to Mitigating Insider Threats

8 CENTRA T ECHNOLOGY, I NC. 8 Defense Security Service  Insider Threat videos and Brochures

9 CENTRA T ECHNOLOGY, I NC. 9 Federal Bureau of Investigation  The Insider Threat Page –An Introduction to Detecting and Deterring an Insider Spy  Betrayed: The Trusted Insider

10 CENTRA T ECHNOLOGY, I NC. 10 ONCIX  National Insider Threat Task Force (NITTF)  National Insider Threat Policy and the Minimal Standards

11 CENTRA T ECHNOLOGY, I NC. 11 ASIS International: Security Management  Confronting the Insider Threat –By Laura Spadanuta, October 2013 of Security Management

12 CENTRA T ECHNOLOGY, I NC. 12 Steps to Building a Plan  Team  Assets  Procedures  Awareness  Document plan

13 CENTRA T ECHNOLOGY, I NC. 13 Step 1: Identify the Team  Identify team members who understand and can contribute to the mission: –COO –HR –Security –IT  Who will be responsible for: –Drafting the plan –Regular meetings –Budget approval –Reporting to sponsors and Government –Conducting an Investigation

14 CENTRA T ECHNOLOGY, I NC. 14 Step 2: Understand Your Assets Conduct a risk assessment Talk to management about assets: –What are the corporate jewels? –How well are they currently protected? –How sensitive are they? What is the risk if they are leaked? –Who has access to the information?

15 CENTRA T ECHNOLOGY, I NC. 15 Step 3: Tighten Up Procedures  Tighten procedures –Termination procedures –Unclassified data handling and access –IT system access  Document expectations to staff  Violation policy

16 CENTRA T ECHNOLOGY, I NC. 16 Step 4: Security Education  Free cartoons, brochures, articles available –No need to reinvent the wheel!  Incorporate insider threat into annual refresher training  Monthly security news item on reporting  Update current policies and publicize  Ensure staff understand reporting; make it easy for staff to report confidentially

17 CENTRA T ECHNOLOGY, I NC. 17 Step 5: Draft a Plan  Document what you have learned  Steps 1-4: –Team –What are assets and overall risk –What procedures have been impacted –Security education program  Work-in-progress

18 CENTRA T ECHNOLOGY, I NC. 18 Confronting the Insider Threat “It is important for each company to identify what an insider threat is and to set a policy in place on how to deal with insider threats. The policies must outline certain types of behavior that warrant scrutiny, disciplinary action, or even termination so that companies have a basis from which to work when they do identify potential threats.” ASIS: Confronting the Insider Threat by Laura Spadanuta, October 2013

19 CENTRA T ECHNOLOGY, I NC. 19 Encourage Reporting  Encourage employees to report  Provide confidential means of reporting  Staff holding security clearance are required to report adverse information, including potential threats  Trust your instincts, if you see something, say something!  It is better to report something that turns out to be nothing than to not report a serious security issue

20 CENTRA T ECHNOLOGY, I NC. 20 Detecting the Insider Post incident investigations reveal family, friends, or coworkers notice a suspect’s indicators, but they fail to report concerns “ Subjects often tell people close to them what they are doing, and sometimes even engage associates in the process. Former intimates (spouses, lovers, close friends – people with whom they spent a good deal of time) are a potentially important source of information in all investigations.”* * Source: Declassified Director of Central Intelligence Memorandum of 12 April 1990; Subject: Project Slammer Interim Report

21 CENTRA T ECHNOLOGY, I NC. 21 Threat Indicators  Apparent unexplained affluence or excessive indebtedness  Efforts to conceal foreign contacts, travel, or foreign interests  Access to information or IT systems without need-to-know  Exploitable behavior –criminal activity –excessive gambling –drug or alcohol abuse –problems at work  Questionable judgment or untrustworthiness

22 CENTRA T ECHNOLOGY, I NC. 22 Threat Indicators, cont.  Apparent mental, emotional or personality disorders(s)  Disgruntled  Working odd or late hours  Unreported foreign travel  Suspicious foreign contacts  Requesting access to information outside of official job duties including sensitive or classified information

23 CENTRA T ECHNOLOGY, I NC. 23 Summary of Best Practices  Know your people; recognize concerning behaviors as potential indicators  Protect your “crown jewels”  Pay close attention at termination  Monitor ingress and egress points (IT systems and physical security)  Baseline normal activity and look for anomalies  Work together across organization  Educate employees regarding potential recruitment

24 CENTRA T ECHNOLOGY, I NC. 24 Sources http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b0177429dd0ce970d-pi

Download ppt "CENTRA T ECHNOLOGY, I NC. 1 5 Steps To Protect Your Company Katherine D. Mills CENTRA Technology, Inc. Insider Threat:"

Similar presentations

31511230/0403 © 2004 Business & Legal Reports, Inc. BLRs Training Presentations Privacy Issues in the Workplace.

/0403 © 2004 Business & Legal Reports, Inc. BLRs Training Presentations Privacy Issues in the Workplace.
Adverse Information Adverse Information:

Adverse Information Adverse Information:
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.

What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
Annual Security Refresher Briefing. General Information Edmonds Enterprises Services (EES) and Logistics Applications Inc. (LAI) as Defense Contractors.

Annual Security Refresher Briefing. General Information Edmonds Enterprises Services (EES) and Logistics Applications Inc. (LAI) as Defense Contractors.
An introduction to Child Protection and Safeguarding www.worcester.ac.uk.

An introduction to Child Protection and Safeguarding
F ACILITY S ECURITY Presented by: Dela Williams. 2.

F ACILITY S ECURITY Presented by: Dela Williams. 2.
INTRODUCTION o DISCUSS ADOPTION OF FRAUD AND THEFT POLICY o ASSIGNS RESPONSIBILITY FOR REPORTING FRAUD AND THEFT o PROVIDES GUIDELINES FOR INVESTIGATIONS.

INTRODUCTION o DISCUSS ADOPTION OF FRAUD AND THEFT POLICY o ASSIGNS RESPONSIBILITY FOR REPORTING FRAUD AND THEFT o PROVIDES GUIDELINES FOR INVESTIGATIONS.
Espionage Indicators Updated 08/21/13 U.S. Department of Commerce Office Of Security (OSY) Security is Everyone's Responsibility 1 Briefing.

Espionage Indicators Updated 08/21/13 U.S. Department of Commerce Office Of Security (OSY) Security is Everyone's Responsibility 1 Briefing.
Section Nine: Reporting Requirements Note: All classified markings contained within this presentation are for training purposes only.

Section Nine: Reporting Requirements Note: All classified markings contained within this presentation are for training purposes only.
S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.

S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.
CORPORATE ESPIONAGE COUNTERMEASURES Daniel J. Benny, M.A., CPP, PCI, CCO, CLET Private Investigator & Security Consultant.

CORPORATE ESPIONAGE COUNTERMEASURES Daniel J. Benny, M.A., CPP, PCI, CCO, CLET Private Investigator & Security Consultant.
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
The Department of Defense Intelligence Oversight Program

The Department of Defense Intelligence Oversight Program
Espionage Indicators Briefing 1 U.S. Department of Commerce

Espionage Indicators Briefing 1 U.S. Department of Commerce
WELCOME Annual Meeting & Compliance Seminar. Code of Conduct - Impact on Corporate Culture by Andy Greenstein Knight Capital Group, Inc.

WELCOME Annual Meeting & Compliance Seminar. Code of Conduct - Impact on Corporate Culture by Andy Greenstein Knight Capital Group, Inc.
School Safety Training

School Safety Training
Information Systems Security Officer

Information Systems Security Officer
Supplier Ethics: Program Checklist

Supplier Ethics: Program Checklist

Similar presentations

Ads by Google