Advertise on ITWeb         Tue, 06 Dec, 17:54:42 PM

Fighting the insider threat

Mai Moodley, divisional head (GM): financial systems and processes at the State Information Technology Agency.

Mai Moodley, divisional head (GM): financial systems and processes at the State Information Technology Agency.

Although vast amounts of money, time and other resources are being spent on IT security, too often a major link in the defence chain is ignored. Attackers are well aware of this weak link, and are on the lookout for new ways to exploit it.

What many companies don't realise is that the biggest threat is not necessarily lurking around on the dark Web. It is sitting in the office down the hall. The threat from insiders, either malicious or accidental, should not be ignored.

Insider attacks have happened to businesses of all types and sizes, and across all industries. Many of these have proved catastrophic, costing hugely in terms of lost revenue and damaged reputation. Insider crimes range from small, simplistic acts of fraud, to highly sophisticated sabotage.

At the ITWeb Security Summit 2016, to be held at Vodaworld from 17 to 19 May, Mai Moodley, divisional head (GM): financial systems and processes at the State Information Technology Agency, will discuss the insider scourge in a presentation entitled ‘The enigmatic, invisible man'.

"Security practitioners have often referred to the inside threat as being the most difficult to both understand and counter against," says Moodley. "Unlike, external threats which may often be associated with criminal syndicates to industrial espionage, internal threats are more challenging to explain beyond broad-based references to fraud, disgruntlement and the maliciousness."

In this presentation, Moodley will create a more clearer understanding of what this internal threat looks like by drawing on different published case studies to put a face to the ‘enigmatic invisible man'.

He says his presentation will examine how to identify, monitor and mitigate against the internal security threats that organisations face, beyond the hype.

By carefully unravelling and discussing the different tell-tale signs that security practitioners should be wary of, Moodley will show that the inside man is neither necessarily invisible nor enigmatic.

Instead, he will argue that the extent of threat is potentially complicated by the failure to apply proper and continuous screening mechanisms to integrated security disciplines that are adaptively aligned to the organisation's risk profile.

Enjoyed this story? Subscribe to ITWeb's Security News newsletter.

Our comments policy does not allow anonymous postings. Read the policy here




 

 

 

Sponsors Message