CISO Executive Network Tuesday, January 26,2021
Combating Risky User Behavior
What is an insider threat? A malicious employee, an employee who makes a mistake, an outside actor with legitimate credentials, or all of the above? Over the last year we have been hearing from more of you that insider threat is becoming a top threat vector. In this series we will examine what really is an insider threat and best practices to mitigate that threat.
For years now, users of our systems and data have not been solely employees and contractors. The business has extended nearly all internal systems to our customers and third parties. We have little or no control of how they get in, as the business wants access to frictionless and always-on. With the recent pandemic, work-from-home has become the new work standard requiring remote access entirely. Attackers are well aware and have put significant effort into exploits that target the user, the devices they use, and the software employed to interact with applications.
Knowing that the user is often the weakest link in our security defense, how do you develop solutions that secure systems and data while making the user experience as "frictionless" as possible? The industry has responded with controls in the spaces of Identity and Access Management, User and Entity Behavior Analytics, Awareness, Email Security, Micro-segmentation, and Endpoint Security, to name a few.
In this roundtable series we expect to discuss:
- Protecting the user device AND the data they access
- Best methods to secure remote access
- Utilizing behavioral analytics to manage user risk (UEBA)
- Insider threat programs
- Evolution of IAM controls to limit access
- Email security including phishing prevention/detection and business email compromise
- Identity governance and lifecycle management
- Endpoint security including NGAV and EDR
- Micro-segmentation as a tool to limit horizontal attacker movement
- Protecting privileged users (PIM/PAM)
Sponsored by Beyond Identity, Okta, IBM