Insider Attacks (How, Why And What To Do)
|
|
|
||||||||||||
Description:
This is the video of the talk "Insider Attacks: The How’s, Why’s, and What to Do’s" given at Louisville Infosec by Dr. Eugene Schultz.
Abstract: An insider attack is intentional misuse by individuals who are authorized to use computers and networks. Insider attacks result in more financial and other loss than another other type of attack. Worse yet, detecting insider attacks is one of the most difficult tasks facing information security professionals, but an increasing amount of information about the nature of these attacks and strategies that inside attackers use, and ways of both preventing these attacks and/or limiting the damage that they can cause is becoming available. Based on this information, this talk describes the major types of risk resulting from the insider attacks, major types of insider attacks and motives for these attacks, appropriate information security policy provisions relevant to insider risks, how to better predict and detect insider attacks, and how to respond appropriately when insider attacks occur.
Speaker Bio: Dr. Eugene Schultz is CTO at Emagined Security, previous manager of an inforEugene Schultzmation security practice and national incident response team, and retired professor of computer science at University of CA at Berkeley. Gene is the author/co-author of a book on Unix security, another on Internet security, a third on Windows NT/200, a fourth on incident response, and the latest on intrusion detection and prevention. He is the former Editor-in-Chief of Computers and Security (2002-2007), is an associate editor for Network Security, is a SANS instructor and member of SANS NewsBites, has co-authored the 2005 & 2006 Certified Information Security Manager preparation materials, and is on the technical advisory board of three companies. He has received numerous industry and academic awards and has even provided expert testimony before committees in the US Senate and House of Representatives.
Abstract: An insider attack is intentional misuse by individuals who are authorized to use computers and networks. Insider attacks result in more financial and other loss than another other type of attack. Worse yet, detecting insider attacks is one of the most difficult tasks facing information security professionals, but an increasing amount of information about the nature of these attacks and strategies that inside attackers use, and ways of both preventing these attacks and/or limiting the damage that they can cause is becoming available. Based on this information, this talk describes the major types of risk resulting from the insider attacks, major types of insider attacks and motives for these attacks, appropriate information security policy provisions relevant to insider risks, how to better predict and detect insider attacks, and how to respond appropriately when insider attacks occur.
Speaker Bio: Dr. Eugene Schultz is CTO at Emagined Security, previous manager of an inforEugene Schultzmation security practice and national incident response team, and retired professor of computer science at University of CA at Berkeley. Gene is the author/co-author of a book on Unix security, another on Internet security, a third on Windows NT/200, a fourth on incident response, and the latest on intrusion detection and prevention. He is the former Editor-in-Chief of Computers and Security (2002-2007), is an associate editor for Network Security, is a SANS instructor and member of SANS NewsBites, has co-authored the 2005 & 2006 Certified Information Security Manager preparation materials, and is on the technical advisory board of three companies. He has received numerous industry and academic awards and has even provided expert testimony before committees in the US Senate and House of Representatives.