Haystax for Insider Threat is a sophisticated end-to-end Insider Threat Security Operations Center (InTh SOC) platform. Haystax's model-first User Behavior Analytics (UBA) continuously measures the trustworthiness of personnel in an organization, pinpointing early indications of the most serious risk from IP theft, sabotage, fraud, policy violations and other damaging behaviors. Starting with an expert model of insider risk behaviors, the platform integrates a wide array of network and non-network data that’s analyzed using a patented technology, and prioritized against the model. The system then displays the results within a sophisticated interface that interlaces multiple applications that automate or replace the SOC’s investigative workflow. With Haystax, risk and security professionals enable their existing program with speed, confidence and compliance.
Our panel of subject matter experts as they discuss the latest findings from the “Insider Attacks” survey. Panelists will analyze results, share use cases and exchange lessons learned with the audience that will dynamically participate in the discussion during this live Webcast. Participants will leave with a strong sense of what the industry is experiencing and what peers are doing to tackle this growing threat.
This webcast will provide attendees with:
Information security pros consistently rate insider threats as one of their top concerns, but often don't do much about it. According to the results of the 2015 SANS insider threat survey, 74% list insiders as among their top concerns, with 34% admitting to having been a victim of a successful insider breach that is estimated to cost their organization more than $1 million. Breaches caused by the misuse of insider credentials are so difficult to spot that 70% aren't noticed for months, according to the 2016 Verizon Data Breach Investigations Report. Sixty-three percent of breaches involving privileged access involved weak or stolen passwords, which is why the rapid growth of phishing and other credential-stealing tactics are growing so quickly. When it comes to preventing insider attacks, "prevention is more a state of mind than reality," according to SANS expert Eric Cole, Ph.D., author of the 2015 report Insider Threats and the Need for Fast and Directed Response. "Many organizations are still not creating and implementing insider threat programs and need to aggressively increase their focus to better protect the organization," Dr. Cole wrote in 2015. "They need to take aggressive steps to implement administrative and technical solutions for controlling the damage an insider can cause."
This webcast will explore the survey results with emphasis on:
Research and Webinar lead by: Eric Cole, PhD Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.