Hi [[ session.user.profile.firstName ]]

Five Steps to Building an Effective Insider Threat Program

The greatest cybersecurity threat an organisation faces is no longer the malicious outsider hacking from beyond network firewalls. It is the insiders - the contractors, third party vendors and privileged users who already have full access to your company's systems and sensitive data.

According to Ponemon Institute’s report 2018 Cost of Insider Threats, the average cost of an insider threat is $8.76 million annually. Addressing this type of threat requires a different approach to addressing external threats; whether unintentional or malicious, organisations with sensitive customer data need to quickly identify and eliminate insider threat.

Attend this webinar to learn the top five steps for building and maintaining an effective insider threat program, with best practices and real-life examples, that you can use.

You will learn:

- The types of insiders behind these threats
1.How to determine if your organisation is doing enough to address the threats
2.Five key elements to building an effective insider threat strategy
3.How to move beyond IT and think of an insider threat management strategy as a combination of people, processes and technology – in that order.
Recorded Nov 29 2018 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Brandon Dunlap, Moderator, (ISC)², Simon Sharp, VP International, ObserveIT
Presentation preview: Five Steps to Building an Effective Insider Threat Program

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Password123456: How to Train Your Password Cracking Dragon Nov 5 2019 1:00 pm UTC 60 mins
    Brian Johnson, Security Enthusiast / Podcaster, Netwrix,Brandon Dunlap, Moderator, (ISC)²
    Password cracking is no longer rocket science but a handy skill for any penetration tester or system and network defender, or anyone who simply enjoys a good geek project. Join our webinar series by Brian Johnson, a cybersecurity enthusiast from 7 Minute Security, to learn how to set up cracking tools in the cloud (and on the cheap!) and better protect your organisation’s Active Directory environment.

    In this session, you will learn how to:

    Crack Active Directory and wireless passwords
    Make sure your password policy is strong enough to resist password cracking
    Download and customise the popular Pwned Passwords list
    Incorporate Pwned Passwords into Active Directory for free using the open source PwnedPasswordsDLL project
    Build customised lists of additional bad passwords
  • Countering Phishing Threats to The UK’s Critical National Infrastructure Oct 29 2019 1:00 pm UTC 60 mins
    Dr Rhys W CISSP, Advice and Guidance Lead, UK National Cyber Security Centre (NCSC), Brandon Dunlap, Moderator, (ISC)²
    Why organisations need a multi-pronged approach, rather than just filtering tools.
    Phishing is not new – most organisations receive phishing emails all the time. Despite wide awareness of what phishing is and most organisations having some phishing mitigations, NCSC’s work with cyber victims shows that most cyber compromises still start with phishing emails. There are many tools and services that can detect and block phishing emails, but none are completely effective. NCSC, the UK’s technical authority for cyber security, advocates a multi-pronged approach to dealing with phishing risks, including people-focussed measures and wider network security, as well as phishing detection tools. NCSC’s work has found that many organisations do not follow this multi-pronged advice. This webinar will show that a more holistic approach to managing phishing risks is far more effective than even the most advanced detection tools, if they are used on their own.
  • Key Attributes of a Modern Phishing Awareness Program Oct 22 2019 12:00 pm UTC 60 mins
    David Mount, Senior Director, Solutions Marketing, CofenseBrandon Dunlap, Moderator, (ISC)²
    As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organisations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?

    Join Cofense as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.

    You will learn:
    -The statistical advantage of using an email reporting tool
    -The important role the end user plays in active defense
    -How often you need to send simulations for maximum resiliency
    -The advantages of basing simulations on active threats, not random dangers
    -Why ‘phish testing’ is the enemy of true phishing defense
  • The State Of Cyber: Global Trends, Predictions & the Lessons Learnt Oct 15 2019 12:00 pm UTC 60 mins
    John Titmus, Sr. Director, EMEA Cyber Security Expert, CrowdStrike, Brandon Dunlap, Moderator, (ISC)²
    Defending against modern adversaries requires the ability to detect and understand threats quickly and to respond decisively. CrowdStrike’s experts fight and win these battles every day, and have one of the industry’s most comprehensive pictures of today’s top cyber threats.

    Join us for a webcast featuring CrowdStrike’s John Titmus as he explores global observations and trends, and real-world intrusion case studies, delivering deep insights on modern adversaries, and their tactics, techniques, and procedures (TTPs).

    Key takeaways:

    -Global trends as seen across 1000s of real-world intrusion attempts, such as the emergence of mobile as a fruitful hunting ground for adversaries
    -How organisations are using the MITRE ATT&CK framework to shorten the time to investigate and understand threats
    -Why “speed” is the new critical metric in cybersecurity and the key steps you can take to improve your organisation’s ability to detect, investigate and remediate threats
  • Industry Insights: How to Launch a Privileged Access Security Program Recorded: Oct 8 2019 56 mins
    Maria Oliva, Director of Consulting Services EMEA, CyberArk, Brandon Dunlap, Moderator, (ISC)²
    Industry analysts and security leaders agree – organisations should prioritise privileged access security programs to maximize risk reduction with respect to the resources required for deployment. “Privileged Access” is what attackers seek, and this access is increasingly available in places organizations overlook including applications.
    Join us for a session that will cover the basics of privilege access security. We’ll address how to define a program with respect to people, process and technology. We’ll also review some lessons learned from the field that will facilitate a successful launch.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Oct 1 2019 50 mins
    Natasha Karelina, (ISC)² Customer Service Manager, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Third Party Risk Management: Giving Context to Consumption Recorded: Sep 26 2019 62 mins
    Nick Trigg, Solution Consultant, BitSight, Eric LeMartret, Risk & Privacy Lead, ServiceNow, Brandon Dunlap, Moderator, (ISC)²
    Third-parties can pose a very real risk to an organisation. If the risk results in a breach, it can be costly – costlier even than if it did not include a third-party. In addition, new regulations are recognizing the importance of mitigating third party risk to provide greater protection for an individual’s personal data. In other words, managing your vendor’s risk is not only prudent, it’s required.

    This session will showcase how the combined forces of BitSight Security ratings and ServiceNow tackles the unique challenges of:

    - Positioning cyber security in context of the business.

    - Blending the Bitsight security ratings information with more traditional data sources, such as audits and questionnaires, to provide a fully rounded, up-to-date view of your third parties.
  • Should You Care About TLS Decryption? Recorded: Sep 24 2019 59 mins
    Ollie Sheridan, Principal Engineer Security, Gigamon, Brandon Dunlap, Moderator, (ISC)²
    With the second anniversary of the Equifax breach not so long ago and the fact that we now know much more about what happened due to the August 2018 release of the GAO Report. There was a lot of new information that came out of that report that was not well-understood at the time of the breach…. Did you know that while Equifax used a tool for network layer decryption, they had certificates nine months out of date? This lapse gave the threat actors all the time they needed to break in and exfiltrate reams of personal data. As soon as Equifax updated the certs on their decryption tools, they began to realise what had happened.

    On the heels of the Equifax breach, we are reminded of the importance of efficient decryption for effective threat detection. That’s more important than ever as today the Ponemon Institute reports that 50% of all malware attacks utilise encryption.

    During this webinar, Ollie Sheridan will talk about:
    - How TLS encryption has become a threat vector
    - Why decryption is essential to security and how to effectively perform detection
    - How to make sure your detection tools are working at their greatest capacity without the latency introduced by decryption
  • (ISC)²’s Digital Transformation Journey – Part 3 Recorded: Sep 17 2019 59 mins
    Bruce Beam, CIO, (ISC)²; Wes Simpson, COO, (ISC)²; Brandon Dunlap (Moderator)
    (ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 3 of the (ISC)² Digital End-to-End Transformation (DETE) webcast, we will examine the “new world” of what the project has provided to internal (how we serve the members and visitors), the members (what you as members see and experience) and what’s to come. Join Wes Simpson, COO and Bruce Beam, CIO on September 17, 2019 at 1:00PM Eastern for a discussion on these items and a Q&A with our COO and CIO.
  • Curing Alert Fatigue with Risk Based Alerting, MITRE ATT&CK and Automation Recorded: Sep 17 2019 59 mins
    James Hanlon, Director, Splunk, George Panousopoulos, Security Strategist, Splunk, Brandon Dunlap, Moderator, (ISC)²
    The problem of alert fatigue is symptomatic of a plague within most SOC environments, regardless of the tools and platforms being used. The general process within the industry for driving and managing security incidents is broken. It’s time to change perspective and build into alert creation processes a better prioritization procedure. This can be done by aligning it to a more intelligent risk scoring approach and frameworks like MITRE ATT&CK and automation. Security teams will be better positioned to make use of their existing toolchain, scale people and processes, and deliver a much more effective security capability. Join this webinar to learn:

    •The scale of alert overload and why organisations struggle with this problem. You are not alone
    •How to combine risk based alerting, MITRE ATT&CK and automation to optimise security investigation and reduce alert fatigue
    •Insights, learnings and benefits from SecOps teams that have already made this shift
    •Tricks and tips to help you transform the security investigation process using your existing tools and industry frameworks
  • Flipping the Cyberdefense Equation to Tip the Scales Back in Our Favor Recorded: Sep 12 2019 59 mins
    Rick McElroy, Head of Security Strategy, David Balcar, Security Strategist, Carbon Black, Brandon Dunlap, Moderator, (ISC)²
    Far too often, the cybersecurity industry focuses too heavily on all the advantages attackers have. We’ve all heard the saying: “Defenders have to be right 100% of the time while attackers only have to be right once.” Well, what if we could flip that equation?

    As defenders, we have the home field advantage, so why does it seem like we are consistently losing? In order to shift this model and tip the scales back in our favor, we need to be thinking about “Disruption in Depth” rather than just “Defense in Depth.” We need to be making attackers’ lives significantly harder. Attackers make mistakes all the time. Let’s make them have to be 100% right all the time instead of us.

    Join Carbon Black’s Head of Security Strategy, Rick McElroy, as he reveals the reality behind the modern threat landscape and uncovers what security teams can do today to tip these scales and make attacking your organization exponentially more difficult for attackers.
  • Environmental Separation Recorded: Sep 3 2019 56 mins
    Adam Brady, Systems Engineer, Illumio, Brandon Dunlap, Moderator, (ISC)²
    The separation of development, staging, test, and production environments using traditional network solutions is a challenge, or even an impossibility, for organizations with significant assets spread dynamically across heterogeneous data centres as well as public and hybrid cloud environments.

    Segmentation was first developed to improve network performance, but experts have realised that a ‘perimeter only’ approach to security is not working. As organisations seek to secure the interior of their networks have recognised that they need to be more dynamic and granular than previously - facing the challenges of time and resource head on to secure their critical business applications.

    This webinar will highlight:
    •The problem of Environmental Separation
    •A Network Segmentation 101
    •Segmentation Strategies
    •Industry Examples
    •A quick demonstration
  • (ISC)²’s Digital Transformation Journey - Part 2 Recorded: Aug 20 2019 58 mins
    Bruce Beam, (ISC)²; Beth Paredes, (ISC)²; Sommer Hess, (ISC)²; Brandon Dunlap (Moderator)
    (ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 2 of the (ISC)² Digital End-to-End Transformation (DETE) will examine how (ISC)² executed the plan for the project, following the AGILE Project Management framework and the buy-in and support from other departments and stake holders within the organization. Additionally, there was board governance and oversight to contend with. Join Bruce Beam, CIO; Beth Paredes, Sr. Corporate Member Services Manager; and Sommer Hess, Director PMO, Quality and Training on August 20, 2019 at 1:00PM Eastern for a discussion on these items and the speed bumps that were run into on this project.
  • Shift Left, Shift Right, or Run Security Right Through The Middle? Recorded: Aug 20 2019 57 mins
    Meera Rao, Senior Principal Consultant, Synopsys, Brandon Dunlap, Moderator, (ISC)²
    Demands for more secure software and more rapid application development have led to the emergence of DevSecOps. DevSecOps maturity requires a risk-based approach to adding security activities, increasing depth, and improving testing governance. The best strategy is to shift from a reactive to a proactive security approach that injects security at the right time and place with automated continuous testing. This presentation covers these aspects of automated continuous testing:

    1. Practices to avoid
    2. Drawbacks
    3. Prerequisites
    4. When and where to use automated testing
    5. Best practices for implementing and improving continuous testing throughout the development life cycle
  • CISO Says with Bruce Beam, CIO, (ISC)² Recorded: Aug 13 2019 60 mins
    Bruce Beam, CIO, (ISC)², Brandon Dunlap, Moderator, (ISC)²
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format.

    In this session Bruce Beam, Chief Information Officer at (ISC)² will provide insight into the path he took to become a Cybersecurity Leader and how he is reinventing the role in the face of accelerating industry change
  • Lessons from the field: How to Optimise Third Party Risk Management Recorded: Aug 6 2019 59 mins
    Kimberly Johnson, Senior Manager, Chris Poulin, Principal Consulting Engineer, BitSight, Brandon Dunlap, Moderator, (ISC)²
    As organisations increase their reliance on third-party vendors for outsourced solutions, they expand their attack surface.
    Today’s digital environment offers tremendous opportunities for modern organisations. At the same time, there is more risk. Vulnerabilities and infections plague organisations around the globe — and their numbers continue to rise.

    The tips discussed in this webinar will help you start managing third-party risk to centralise your program and get a preliminary perspective of the risks you face. Once this foundation is established, you can build on it and shift to a more proactive approach to managing third-party risk — and limiting your exposure.

    In this webinar, Chris Poulin (Principal Consulting Engineer, BitSight) and Kimberly Johnson Product Marketing Manager, BitSight) discuss:
    •The state risk and the rise of global vulnerabilities and infections.
    •The supply chain as an expanded attack surface.
    •5 tips for launching a third-party risk management program.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jul 30 2019 62 mins
    (ISC)² Customer Service Team, EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • How to Prevent Breaches with Phishing Threat Intelligence Recorded: Jul 23 2019 56 mins
    Darrel Rendell, Principal Intelligence Analyst, Cofense, Brandon Dunlap, Moderator, (ISC)²
    Mottos like "If you see something, say something" speak to the power of human observation in preventing security disasters. Similarly, valuable human-generated intelligence can be effective in preventing data breaches emanating from phishing attacks. In today’s changing cyber threat landscape, humans need to be conditioned to recognise phishing attacks and security teams need to be armed with actionable threat intelligence to rapidly manage an attack once it hits.

    This is where Phishing Threat Intelligence comes into play. By extracting key IOCs from newer phishing threats and making them available to security teams, organisations can detect attacks in progress and respond quickly to reduce the effect of a breach. Plus, by incorporating the same intelligence and tactics in your awareness program, you can train your users to more quickly detect and report an active threat.

    Join this webinar to learn about:
    -The constantly changing threat landscape
    -Turning active, real threats into learning moments for your users
    -Speeding up response with timely, actionable intelligence
  • (ISC)²’s Digital Transformation Journey – Part 1 Recorded: Jul 16 2019 59 mins
    Bruce Beam, CIO, (ISC)²; Brandon Dunlap (Moderator)
    (ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. The road to DETE, however, took years of planning and execution as our team modernized our infrastructure and back-end systems, including migrating the majority of key systems to the cloud. In Part One of this series examining the journey the organization undertook, Bruce Beam, CIO, will discuss the rationale behind the initiative and steps taken to gain approval from the board of directors. Join us on July 16, 2019 at 1 p.m. Eastern as we begin this three-part, in-depth case study of how (ISC)² accomplished this ambitious project.
  • DDI data – a Critical Enabler of SOAR Recorded: Jul 9 2019 58 mins
    Michael Katz, Security Specialist, Infoblox, Brandon Dunlap, Moderator, (ISC)²
    Constantly evolving threats and shortage of qualified cybersecurity professionals have led security teams to move to security workflow automation to meet the demands. It’s not enough to have a great tool nowadays. These tools have to work better together to meet today’s security challenges. Security orchestration, automation and response (SOAR) tools improve efficiency and efficacy of security operations by automating threat intel management, event monitoring and incident response processes.

    One of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity – DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation.

    Join this webinar to learn how a well architected DNS, DHCP and IPAM can power SOAR platforms to:

    -Block/unblock domains using context
    -Enrich other security tools with valuable IPAM data
    -Enhance and improve incident response with better threat intelligence
(ISC)² Secure Webinars - EMEA
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Five Steps to Building an Effective Insider Threat Program
  • Live at: Nov 29 2018 1:00 pm
  • Presented by: Brandon Dunlap, Moderator, (ISC)², Simon Sharp, VP International, ObserveIT
  • From:
Your email has been sent.
or close