Insider threats pose a serious and complex risk for organisations, as they involve individuals with legitimate access to organisational assets and sensitive data. Unlike external threats, insider threats happen within the trusted boundaries of the organisation, making them harder to detect and mitigate and increasing the potential damage.
In order to effectively mitigate insider threats, organisations need to have detailed understanding of the different types of threats and of the specific measures needed to counter each of them. However, available insider threat taxonomies often focus primarily on compliance aspects only.
In this CyberSecMonth webinar, prof. Karen Renaud (University of Strathclyde) will present an inclusive taxonomy of insider threats that moves beyond the simple compliance/non-compliance dichotomy. Insider threats categories presented will then be mapped to corresponding mitigation strategies and measures that can be deployed to reduce the threat.
Finally, prof. Karen Renaud will share insights on her recent research and engage with the audience in a dedicated Q&A session.
About the speaker
Karen Renaud is a Scottish computing Scientist at the University of Strathclyde in Glasgow, working on all aspects of Human-Centred Security and Privacy. She is particularly interested in deploying behavioural science techniques to improve security behaviours, and in encouraging end-user privacy-preserving behaviours. She collaborates with academics in 5 continents and incorporates findings and techniques from multiple disciplines in her research.
Taxonomy Paper: "VISTA: An inclusive insider threat taxonomy, with mitigation strategies", Karen Renaud, Merrill Warkentin, Ganna Pogrebna, Karl van der Schyff, Information & Management, Volume 61, Issue 1, 2024, 103877, ISSN 0378-7206, https://doi.org/10.1016/j.im.2023.103877
The GÉANT Cyber Security Month 2024 campaign features a programme of four webinars by experts from the R&E community. The webinars will take place every Thursday afternoon in October from 15:00 to 16:00 CEST. Check the full programme here: https://connect.geant.org/2024/09/20/unveiling-geant-cyber-security-month-webinar-programme-register-today