Insiders - whether malicious or unintentional - pose huge threats to any organization. And no group understands the risks better than the CERT Insider Threat Center within the Software Engineering Institute at Carnegie Mellon University. Register for this session to learn first-hand from CERT's Randy Trzeciak:
The latest insider threat research;
All about unintentional insiders;
New technology controls to help detect anomalous behavior before fraud occurs.
Additional Summit Insight: Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.
As defined by the CERT Insider Threat Center within the Software Engineering Institute at Carnegie Mellon University, a malicious insider threat is "a current or former employee, contractor or other business partner who has or had authorized access to an organization's network, system or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity or availability of the organization's information or information systems."
Since 2001, the Insider Threat Center at CERT has conducted research into the threats posed by insiders and has gathered data on hundreds of cases of actual malicious insider incidents, including IT sabotage, fraud, theft of confidential or proprietary information, espionage and potential threats to the critical infrastructure of the United States.
Most recently, the Insider Threat Center has studied the unintentional insider threat, defined as:
"(1) a current or former employee, contractor, or business
partner (2) who has or had authorized access to an organization's network, system, or data and who, (3) through action or inaction without malicious intent, (4) causes harm or substantially increases the probability of future serious harm to the confidentiality, integrity, or availability of the organization's information or information systems."
View for this session, presented exclusively at the 2014 Chicago Fraud Summit, to gain the latest insights on malicious and unintentional threats, as well as security solutions that can help detect and deter them.
ISMG's Fraud Summits are one-day events focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges.
All 2014 Fraud Summit Chicago recordings:
Trzeciak heads a team focusing on insider threat research, threat analysis and modeling, assessments and training. He has more than 20 years of experience in software engineering, focusing on database design, development and maintenance. In addition to his role with CERT, he is an adjunct professor at Carnegie Mellon's Heinz College, Graduate School of Information Systems and Management.