Monday, October 23, 2006

Bejtlich Speaking on Insider Threat

I will participate in the DE Communications Inside Job Webinar at 1100 ET on Thursday 9 November 2006. I plan to discuss why traditional externally-focused security techniques and tools are not well suited to deterring, detecting, and removing insider threats.

By insider threat I do not mean flawed services on desktops. I mean parties with the capabilities and intentions to exploit vulnerabilities in assets. I guarantee you will hear me say that the "80%" figure is a myth.

Even though I am appearing with at least one other speaker (Jerry Shenk), this is not a debate. It will be a few people discussing an import subject. I have a few other Webinars in the works and all should be free. Please join us if you have the time and bandwidth.

Update: Here's a press release. I'm glad they included this quote:

"Insiders do not account for the mythical 80% of security incidents, but their privileged access allows them to inflict devastating harm upon organizations. Security tools and tactics designed to combat the traditional external threat will not work as well, or at all, against insiders," commented Mr. Bejtlich.

Right on.


Anonymous said...

Whoa! Why so late? Or is the 11-12am a typo?

JD said...

I'll see if I can't get my CISS class to attend, but no guarantees. While I would find it interesting, we may be watching yet another video on Kevin Mitnick.