0      0

(ISC)2 Security Congress 2022

2101751 - Best Practices for Managing & Preventing Insider Threats from Interviewing Experts

Oct 10, 2022 4:00pm ‐ Oct 10, 2022 5:00pm


One of the largest issues with securing data is the exposure of insiders who work for organizations that pose a threat to the data that organizations need to protect. Organizations are becoming more desperate to find ways of stemming the damage. This talk expects to answer one question for the audience: What security control best practices are available to prevent insider cyberattacks, as perceived by cybersecurity experts? The session will present the findings from the multiple rounds of interviews and questionnaires used to gather the data and to develop an understanding of the controls used to address insider threats. There were 32 participants who were active cybersecurity practitioners responsible for securing the data of their organizations while working to prevent insider threats.

Learning Objectives:
  • Identify approaches for improving existing insider threat programs based on the joint experiences of fellow cybersecurity and insider threat practitioners.
  • Develop strategies for overcoming organizational challenges that block the effectiveness of existing insider threat security controls. The strategies are based on the joint experience of 32 insider threat professionals.
  • Define the three types of insider threats, list proven strategies that have been shown to address each type and describe solutions that have shown to have limited effectiveness with addressing insider threats.


You must be logged in and own this session in order to post comments.