Fraud Summit - San Francisco 2014 - The hackers get the headlines, but behind the scenes the stealthy insiders continue to pose huge fraud risks to banking institutions. And often the fraudsters are senior, trusted employees with privileged access to accounts and competitive data. Register for this session to learn about:
The latest insider threat research - who are the fraudsters, and how are covering up their crimes?
Unintentional insiders - innocent employees who fall victim to social engineering schemes or targeted attacks that lead to fraud.
New technology controls to help monitor disparate systems and detect anomalous behavior before fraud occurs.
As defined by the CERT Insider Threat Center within the Software Engineering Institute at Carnegie Mellon University, a malicious insider threat is "a current or former employee, contractor or other business partner who has or had authorized access to an organization's network, system or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity or availability of the organization's information or information systems."
Since 2001, the Insider Threat Center at CERT has conducted research into the threats posed by insiders and has gathered data on hundreds of cases of actual malicious insider incidents, including IT sabotage, fraud, theft of confidential or proprietary information, espionage and potential threats to the critical infrastructure of the United States.
Most recently, the Insider Threat Center has studied the unintentional insider threat, defined as:
"(1) a current or former employee, contractor, or business partner (2) who has or had authorized access to an organization's network, system, or data and who, (3) through action or inaction without malicious intent, (4) causes harm or substantially increases the probability of future serious harm to the confidentiality, integrity, or availability of the organization's information or information systems."
Register for this session to gain the latest insights on malicious and unintentional threats, as well as security solutions that can help detect and deter them.
ISMG's Fraud Summits are one-day events focused exclusively on the top fraud trends impacting organizations and the mitigation strategies to overcome those challenges.
Chief Counterintelligence Expert, Carnegie Mellon University CERT Insider Threat Center
Theis is chief counterintelligence expert at Carnegie Mellon's CERT Insider Threat Center. Theis has more than 25 years of experience as a counterintelligence supervisory special agent supporting the U.S. intelligence community, and more than 30 years of concurrent computer systems engineering experience. At Carnegie Mellon's CERT Insider Threat Center, Theis focuses on research and development of socio-technical controls in computational endoparacology. Previously, he was the first cyber counterintelligence program manager for the National Reconnaissance Office, where he served as chief of cyber-CI investigations and operations for more than six years.