1 00:00:06,830 --> 00:00:08,610 - [Instructor] The insider threat is one of the most 2 00:00:08,610 --> 00:00:11,510 complicated challenges of cyber security today 3 00:00:11,510 --> 00:00:14,410 and will continue to be for many years. 4 00:00:14,410 --> 00:00:18,180 An insider is basically anyone that has access 5 00:00:18,180 --> 00:00:20,900 or inside knowledge to your organization 6 00:00:20,900 --> 00:00:22,560 and to your systems. 7 00:00:22,560 --> 00:00:25,700 Now, we have seen so many attacks 8 00:00:25,700 --> 00:00:27,640 that have started from the inside. 9 00:00:27,640 --> 00:00:30,070 Sometimes by disgruntled employees, 10 00:00:30,070 --> 00:00:33,730 other times by individuals that have been working 11 00:00:33,730 --> 00:00:36,980 with outside criminals, and in some cases 12 00:00:36,980 --> 00:00:40,350 even with nation state actors. 13 00:00:40,350 --> 00:00:44,130 Sometimes it does not take a sophisticated attacker 14 00:00:44,130 --> 00:00:45,820 to make a lot of damage. 15 00:00:45,820 --> 00:00:48,790 Anyone can actually be paid just to put a thumb drive 16 00:00:48,790 --> 00:00:52,070 or a pen drive on a computer, and then automatically 17 00:00:52,070 --> 00:00:54,920 install malware to compromise that system 18 00:00:54,920 --> 00:00:58,100 or any other systems in your organization. 19 00:00:58,100 --> 00:01:00,560 I also want you to understand that the insider threat 20 00:01:00,560 --> 00:01:02,600 goes beyond a malicious person. 21 00:01:02,600 --> 00:01:07,580 In other words, there is also the unintentional insider. 22 00:01:07,580 --> 00:01:11,660 Basically the unintentional insider is any current 23 00:01:11,660 --> 00:01:16,610 or former employee, or a contractor, or a business partner 24 00:01:16,610 --> 00:01:20,850 who has or had access to your systems, 25 00:01:20,850 --> 00:01:22,520 basically authorized access right, 26 00:01:22,520 --> 00:01:26,760 not in a malicious way, and then even through their acts, 27 00:01:26,760 --> 00:01:28,390 even though there were not malicious, 28 00:01:28,390 --> 00:01:32,130 or there were not of malicious intent, they can cause harm 29 00:01:32,130 --> 00:01:35,120 or substantially increase the probability 30 00:01:35,120 --> 00:01:39,300 of a future serious harm to the confidentiality, 31 00:01:39,300 --> 00:01:43,450 to the integrity, or the availability of your systems. 32 00:01:43,450 --> 00:01:46,400 Now, The Department of Homeland Security in the US 33 00:01:46,400 --> 00:01:49,790 has put a significant number of resources 34 00:01:49,790 --> 00:01:54,790 related to the insider threat as some videos and trainings, 35 00:01:54,920 --> 00:01:58,630 not only for government agencies in the US, 36 00:01:58,630 --> 00:02:02,120 but also for anybody that wants to create 37 00:02:02,120 --> 00:02:06,520 an insider threat program, so a mitigation program. 38 00:02:06,520 --> 00:02:09,270 They have insider threat mitigation guides. 39 00:02:09,270 --> 00:02:12,630 They have guides of the HR, the human resources role 40 00:02:12,630 --> 00:02:15,220 in preventing insider threats. 41 00:02:15,220 --> 00:02:17,130 They have even a maturity model, 42 00:02:17,130 --> 00:02:21,150 and ways that you can do benchmarks within your organization 43 00:02:21,150 --> 00:02:25,580 to measure the maturity model of your cybersecurity program 44 00:02:25,580 --> 00:02:28,100 whenever it comes to the insider threats. 45 00:02:28,100 --> 00:02:33,100 So I strongly suggest for you to visit and learn 46 00:02:33,130 --> 00:02:36,493 from the links that I'm highlighting in the screen.