Insider Threat Detection: Lessons From the Trenches Based on Real Insider Cases
This session shares the empirical findings of the CERT Insider Threat Center's more than 15 years of research into both malicious and unintentional insider threats. The presentation shows how the insider threat is pervasive in all sectors, both private and public, and how most organizations have been forced to deal with these threats. CERT also shares what types of threats are most likely to occur (intellectual property theft, fraud, IT sabotage, industrial espionage, etc.) and which trusted insiders are most likely to be engaged in these attacks. This session explores mitigation strategies and includes references to numerous free resources that can aid organizations in the detection and prevention of, and response to, insider threat attacks.