Events , Fraud , Fraud Summit

Insider Fraud Detection - The Appliance of Science
Insider Fraud Detection - The Appliance of Science

Session Preview:

See the startling results of meticulous analysis of hundreds of real life insider attacks and learn about new technologies that are able to detect the anomalous behavior patterns often before fraud occurs.

See Also: Security Shouldn't be Boxed: The Cloudified Edge & End of an Era for Hardware Box Providers

The analysis results clearly indicate that contrary to the majority of headlines, stealthy insiders pose a huge fraud risk to organizations, flying far under the radar for extended periods of time. These insiders are often senior, trusted staff with privileged access to accounts and valuable data. Alternately, innocent employees become pawns when they fall victim to social engineering or targeted attacks that lead to fraud.

The following questions will be answered:

  • How can I predict and/or detect an internal attack?
  • What is the ratio of internal to external fraud attacks and their associated value?
  • What types of attacks do internal actors carry out and why?

Background

Even after the high-profile Edward Snowden leaks of information from the National Security Agency, most organizations still aren't taking insider threats as seriously as they should be. Too many organizations have not yet identified insider threats as being a critical issue. Yet, recent survey data indicates that insider fraud is the biggest threat to an organization.

Tracking and analyzing data that spans years is critical to detecting patterns that may indicate collusion or some other type of insider compromise. A common warning sign of insider fraud is the downloading of files or documents that are not germane to an employee's job.

In this presentation, Michael Theis, Chief Counterintelligence Expert at Carnegie Mellon University CERT Insider Threat Center discusses the types of insider schemes organizations most commonly face and the steps they can take to mitigate these risks. The presentation will:

  • Discuss types of insider threats and organization faces;
  • Review data and insights from the 2014 US State of Cybercrime Survey;
  • Define the types of insider threat activities; and
  • Provide mitigation strategies.

This session was recorded during the 2014 Fraud Summit Toronto. Additional recordings include:



Around the Network