behavioral analytics: the future of just-in-time awareness training
TRANSCRIPT
Behavioral Analytics: The Future of Just-in-Time Awareness TrainingTom Pendergast, Ph.D. Gaby FriedlanderChief Strategist CTOMediaPro ObserveIT
OutlineIdentifying the real insider threat risks in your environment
Providing meaningful education to address those risks
Radically reducing meaningless training
Tom PendergastChief Strategist MediaPro
Gaby FriedlanderCTOObserveIT
Who is ObserveIT?
Over 1,200 Customers Worldwide
ObserveIT is the global leader in Insider Threat Managementsolutions
Boston, MA | Founded 2006 | Bain Capital
3
Insiders Are Responsible for 90% of Security Incidents*
* Verizon 2015 Data Breach Investigations Report
33%
67%
Unintentional
Malicious
Careless users Users uneducated in
security best practices
Malicious/greedy users Disgruntled employees Corporate spies
5
Current Events Prove It!
AT&T Barclays Bank DuPont eBay JP Morgan Chase Korea Credit Bureau Shanghai Roadway D&B Marketing Services Target TRW Information Systems UMB Bank Vodafone And many more...
Insiders (or insider accounts) wereresponsible for data breaches at: Existing solutions cannot Detect Passwords in
text, cannot understand if employee sells his password
Employee could export names out of Salesforce and send them by email to a competitor. DLP Classification would not be able to correlate names to actually customers
Why other solution are not working:
Insider Threat Requires a Proactive Approach
Behavior Shaping
Homes With Security Stickers and Signs are 80% Less Likely to be Targeted
The ObserveIT Insider Threat Management Platform
Old School:“Train ‘Em All”
Everyone hears same message, but …
Alienating
Irrelevant
Costly
New School:“Right content to the right people”Something for all
Targeted on role
Brief
Engaging
Just in TimeLimited deployment to “all hands”
Targeted by group and individual
Frequent
Meaningful
Measurable
16
What Will It Take?
Analytical Tools
Flexible Content
17
What Will It Look Like?
Identify User Behavior
Deliver Targeted Education
How’s It Play Out?
19
How’s It Play Out?
20
How’s It Play Out?
Security Basics Role-Based Security
Targeted Training
24
What Will It Mean?
Decreased Boredom
25
What Will It Mean?
Increased Relevance
26
What Will It Mean?
Risk-Aware Culture
Thanks for Attending!MediaProwww.mediapro.com425-483-4700
ObserveITwww.observeit.com617-946-0235