[Launchpad] How Effective Insider Risk Management is Essential to Operational Reliability
About This Session
Organizations in the energy and utility industries must vigilantly defend against a number of risks with the potential to disrupt critical operations. While protecting against cyberattacks from external threats is critical, guarding against internal threats that can compromise reliability of services is equally vital.
Whether done with malicious intent to harm operations or due to simple negligence that is unintentional, insider risk events pose a real threat to critical infrastructure industries today. Preventing them requires more than simply detecting and remedying an event. Effective insider risk management solutions proactively identify the precursors of an event and provide the right level of visibility to mitigate the risk before any unauthorized action becomes a threat to operations or other employees.
Proactively monitoring and analyzing the many variables that can contribute to insider risk is a daunting task for any internal risk management team. Fortunately, the rise of AI has enabled new tools for faster, more thorough insider risk analysis.
AI can correlate numerous precursor and stressor risk indicators with behavioral data across different departments such as Human Resources, IT and physical security systems to more efficiently expose a potential risk.
AI makes possible linguistic analysis that inspects subjective information contained in employee emails, chat logs and other communications for troubling content that gives indication of potential threatening behavior.
AI also enables deep data analytics of vast quantities of risk indicators and customization of metrics by an organization to efficiently and effectively identify anomalous behavior associated with malicious and non-malicious intentions from insiders.
Effective insider risk programs don’t just give analysts insight to what happened, but also why it may have happened. The reason behind the event could mean the difference between the costly and time-consuming option of separating an employee from the organization and re-training a replacement and simply reminding the employee to not to upload files to an unsecure server. By understanding the root cause, effective insider risk programs can provide business value to the organization through a reduction in the mean time to investigate (MTTI) and meant time to remediate (MTTR) an employee or organization behavior.
Today’s operational environment is making it more and more difficult for organizations to defend against insider risks. Organizations in the energy and utility sectors are increasingly leveraging AI-enabled insider threat management tools to successfully manage and avert internal risks.
Participants will learn:
-Various factors that contribute to either malicious or negligent insider risk within organizations
-The monitoring and analysis elements of a successful insider risk management program
-How AI-enabled tools contribute to more effective and efficient insider risk management
Whether done with malicious intent to harm operations or due to simple negligence that is unintentional, insider risk events pose a real threat to critical infrastructure industries today. Preventing them requires more than simply detecting and remedying an event. Effective insider risk management solutions proactively identify the precursors of an event and provide the right level of visibility to mitigate the risk before any unauthorized action becomes a threat to operations or other employees.
Proactively monitoring and analyzing the many variables that can contribute to insider risk is a daunting task for any internal risk management team. Fortunately, the rise of AI has enabled new tools for faster, more thorough insider risk analysis.
AI can correlate numerous precursor and stressor risk indicators with behavioral data across different departments such as Human Resources, IT and physical security systems to more efficiently expose a potential risk.
AI makes possible linguistic analysis that inspects subjective information contained in employee emails, chat logs and other communications for troubling content that gives indication of potential threatening behavior.
AI also enables deep data analytics of vast quantities of risk indicators and customization of metrics by an organization to efficiently and effectively identify anomalous behavior associated with malicious and non-malicious intentions from insiders.
Effective insider risk programs don’t just give analysts insight to what happened, but also why it may have happened. The reason behind the event could mean the difference between the costly and time-consuming option of separating an employee from the organization and re-training a replacement and simply reminding the employee to not to upload files to an unsecure server. By understanding the root cause, effective insider risk programs can provide business value to the organization through a reduction in the mean time to investigate (MTTI) and meant time to remediate (MTTR) an employee or organization behavior.
Today’s operational environment is making it more and more difficult for organizations to defend against insider risks. Organizations in the energy and utility sectors are increasingly leveraging AI-enabled insider threat management tools to successfully manage and avert internal risks.
Participants will learn:
-Various factors that contribute to either malicious or negligent insider risk within organizations
-The monitoring and analysis elements of a successful insider risk management program
-How AI-enabled tools contribute to more effective and efficient insider risk management
Speaker
Shibu Thomas
Field CTO for Global Insider Risk Solutions - Everfox
Shibu Thomas is Everfox’s Field CTO for Global Insider Risk Solutions. Shibu has been in the IT/Cyber Security space for over 24 years, working in various roles from IT support/systems administration and professional services to sales engineering/consulting. During the past 18+ years he has been focused on Insider Risk with an emphasis on user and data protection. Shibu has worked with both US Government and private sector companies in various capacities over this period, with an emphasis on acquiring, implementing, and maintaining these Insider Risk solutions. In his current role, Shibu continues to work with both US Government, foreign Government, as well as US and International companies as they research and acquire Insider Risk solutions.