1 / 9

The Insider Threat and Data Loss Prevention

The Insider Threat and Data Loss Prevention. CSCE 727. Agenda. Background The Insider Threat Examples in the news Data Loss Prevention Questions. The Insider Threat.

yadid
Download Presentation

The Insider Threat and Data Loss Prevention

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Insider Threat and Data Loss Prevention CSCE 727

  2. Agenda • Background • The Insider Threat • Examples in the news • Data Loss Prevention • Questions

  3. The Insider Threat • An Insider Threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems.

  4. The Insider Threat – Example 1 • Steven Medlock was a disbursement specialist for the State Department’s Global Financial Services Center, which handles worldwide billings and other transactions for the agency. • The U.S. Attorney’s Office said he created a sham company that submitted fake invoices to collect about $58,700 in currency-exchange fees from September 2011 to April 2012. He also forged an unidentified person’s name on payment vouchers as part of the embezzlement, prosecutors said. • A Charleston judge has sentenced a former U.S. State Department employee to probation and home detention for embezzling almost $59,000 from the federal government

  5. The Insider Threat – Example 2 • Pfc. Bradley Manning - Enlisted intelligence analyst with privileged access. • Downloaded classified files from military networks and leaked them to the anti-secrecy website WikiLeaks. • Host-Based Security System was not installed to detect or prevent the removal of the classified files • Dishonorably discharged from the Army, sentenced to 35 years in prison of violations of the Espionage Act and other offenses. • Now known as Chelsea Elizabeth Manning.

  6. Data Loss Prevention • Data loss prevention solution is a system that is designed to detect potential data breach / data ex-filtration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in-use, in-motion, and at-rest. In data leakage incidents, sensitive data is disclosed to unauthorized personnel either by malicious intent or inadvertent mistake. • Such sensitive data can come in the form of private or company information, intellectual property, financial or patient information, credit-card data, and other information depending on the business and the industry.

  7. Graphical demonstration of how data leaves a network

  8. The Insider Threat, Data Loss Prevention, and Information Warfare. • IW – The use and management of information technology in pursuit of a competitive advantage over an opponent. • Discover confidential data wherever it is stored and identifies data owners. • Monitor how data is being used and where it is going to provide visibility into broken business process and high-risk users. • Protect confidential data by automatically enforcing data loss policies; educating users about data security; securing exposed data; and stopping data leaks. • Manage data loss policies, incident remediation, and risk reporting. • Goals of deploying DLP to monitor Insiders is to Discover, Monitor, and Protect.

  9. Questions?

More Related