What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close


Auditing Your Data for Insider Threats

It’s not easy to discover the malicious insider. In most organizations, employees are credentialed users of an agency’s system and are assumed to be trusted. That’s because the prevalent technology used to help pinpoint security threats — intrusion detection systems, data loss prevention systems, security incident and event management tools, anti-spyware software, and data from firewalls, routers and switches — don’t provide the context required to know what’s normal behavior and what’s not, often the difference between innocent behavior and the actions of a malicious insider.

You can systematically identify cases of insider fraud by thinking differently about your data and asking the right questions of a big data system that can collect any type of data, even from external publicly available databases.

Register for this webinar and learn:

  • How to create operating capabilities that align with the President’s National Insider Threat Policy and Minimum Standards
  • The role Intelligence Community Standards (ICS) 500-27 and 700-2 should play in data gathering and analysis
  • How big data bridges gaps left by traditional security incident and event management (SIEM) tools and data loss prevention (DLP) systems
  • Methods for understanding what’s normal and what’s not using statistical analysis

Plus, see a live demo covering the insider threat data audit requirements in ICS 500-27 by Splunk partner Qmulos.