Managing Malicious Insider Threats to Information and Systems 2 days

The deliberate and malicious exploitation of company information systems and fraud by insiders can have a significant impact on a company’s profit and reputation or government’s sate secret.

As a result, officers must learn how to defend, detect and mitigate the malicious insider threats to information and information systems.

Course Content

Types of insiders

Suspicious behaviour and activity associated with the insider threat

Threats insiders pose to critical assets

Difference between malicious versus unintentional insider threat

Most common types of insider threat

Policy & legislation enacted to help prevent insider threat

Establishing controls to potentially prevent insider attacks

Best practices for insider threat mitigation

Best practices that can be implemented to prevent insider incidents or detect them a early as possible.

and more...

This workshop is designed for all officers tasked with protecting information and information systems of an organisation from internal abuse and data theft.

Military, civilian, and industry employees with access to classified information

The content will appeal to delegates at all levels of

seniority, however specific job titles may include, but are not limited to:

1. Information technology director
2. Information security director
3. Technology / infrastructure director
4. Operations, Finance and HR
5. Fraud, investigation, forensics
6. Legal and compliance
7. Regulatory affairs
8. Risk management / Operational risk management

1. How secure is your organization’s information systems and the data that reside on those systems? Although there is much debate over where the greatest threats lie, i.e., external (outside intruder) or internal (insider), the latter risk is quite often overlooked by many organizations.

2. We can all agree that an organization’s employees are often more familiar with its computer system than anyone else. Furthermore, many of these employees have access to sensitive information regarding the organization and its clients, customers, and vendors.

3. This makes employees prime candidates for sabotaging a system if they become disgruntled or for selling privileged and confidential information if they become greedy.

4. This course provides a thorough understanding of how Insider Threat Awareness is an essential component of a comprehensive security program. The course promotes the reporting of suspicious activities observed within the place of duty. Using a few case study scenarios, the course teaches the common indicators which highlight actions and behaviours that can signify an insider threat.