Proactive Measures to Mitigate Insider Threat
The threat posed by rogue insiders affects every organization worldwide. The difficulties in balancing employees’ legitimate need to access corporate data along with the need to compartmentalize access are often in conflict. This presentation will walk through several real-world insider threat cases and discuss proactive measures that could have greatly mitigated the damage and losses.
Speaker
Andrew Case (@attrc)
Director of Research, Volexity
Andrew Case is an incident response handler and malware analyst. He has conducted numerous large-scale investigations that span enterprises and industries. Case’s previous experience includes penetration tests, source code audits, and binary analysis. Case is the co-developer of Registry Decoder, a NIJ funded forensics application, as well as a developer of the Volatility memory analysis framework. He is a co-author of the highly popular and technical forensics analysis book “The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory.” Case has presented at conferences, including RSA, Black Hat, SOURCE, BSides, DFRWS, SecTor and OMFW. In 2013, Case was voted Digital Forensics Investigator of the Year by his peers within the forensics community.
Detailed Presentation
(Source: RSA USA 2016, San Francisco)
Comments