Presentation is loading. Please wait.

Presentation is loading. Please wait.

ITP Maturity Model Survey 2018

Published byBlaze Boone Modified over 6 years ago

Similar presentations

Presentation on theme: "ITP Maturity Model Survey 2018"— Presentation transcript:

1

2 ITP Maturity Model Survey 2018
150 Information Security Professionals August 2018

3 Insider Threat Program Maturity Model
No ITP Unaware of risks Aware of risks IT responsibility Focus on tech Necessary depts. Formal program Early threat ID Policies in place Org-wide monitoring Dynamic, responsive ITP Agile

4 9 Aspects of the ITP Maturity Model
Goals & Objectives Awareness Governance Risk Assessment Policies Monitoring Process Intelligence Sources Communications & Training

5 Benchmarking ITP Maturity

6 Key Findings Mid-market organizations have the greatest amount of work to do. With a majority of these organizations given little to no budget and the most basic of C-level support, most insider threat programs are reactive in nature, allowing threats to occur before IT teams even respond.

7 Key Findings The majority of organizations today have no formal team in place to establish policy and process, and to mature the program in response to both perceived and experienced threats.

8 Key Findings Organization size had no impact on the maturity of the program in place. Other than the shift from a lack of a program in smaller organizations to the presence of some kind of program in larger ones, the levels of program maturity did not increase with organization size.

9 More Key Findings Organizational support Budgetary expenditures
Tool Augmentation

10 Key Finding Privacy was a greater concern for less mature programs and less of a concern for mature programs.

11 Building a Mature Insider Threat Program
Obtain executive buy-in. Consult with legal counsel early and frequently. Define the process for how to respond to an insider threat situation. Create an inventory of critical data to define the focus of the ITP. View internal threats holistically as you would external threats. Identify existing technologies which may augment the ITP. Establish clear acceptable use policies. Identify resources to assist HR in employee screening. Invest in the correct tools to identify, prevent and mitigate insider threats. Include ITP communication as part of the onboarding and annual training processes.

12 Veriato.com The Veriato mission is to help customers protect their most valuable assets, reduce their risk, and gain unparalleled visibility into their operations with advanced machine learning and data analytics insider threat protection solutions. Our solutions are deployed in 110+ countries Over 3,000 enterprises, & thousands of SMBs have placed their trust in our solutions 8 Out of Top 10 7 Out of Top 10 6 Out of Top 10 Technology Financial Health

Download ppt "ITP Maturity Model Survey 2018"

Similar presentations

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, 2007. This work is the intellectual property rights of the author.

Lynn Ray ISO Towson University Strategic Planning for IT Security Copyright Lynn Ray, This work is the intellectual property rights of the author.
Mergers & Acquisitions The real success factor 1 + 1 = 1,5 or 2,5? 1.

Mergers & Acquisitions The real success factor = 1,5 or 2,5? 1.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Information Security Training for Management Complying with the HIPAA Security Law.

Information Security Training for Management Complying with the HIPAA Security Law.
© 2001 by Carnegie Mellon University PSM-1 OCTAVE SM : Senior Management Briefing Software Engineering Institute Carnegie Mellon University Pittsburgh,

© 2001 by Carnegie Mellon University PSM-1 OCTAVE SM : Senior Management Briefing Software Engineering Institute Carnegie Mellon University Pittsburgh,
Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.
REC support is. provided under cooperative agreement 90RC0025/01 from the Office of the National Coordinator for HIT, US Dept. of Health and Human Services.

REC support is. provided under cooperative agreement 90RC0025/01 from the Office of the National Coordinator for HIT, US Dept. of Health and Human Services.
A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.

A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.
Health Management Dr. Sireen Alkhaldi, DrPH Community Medicine Faculty of Medicine, The University of Jordan First Semester 2015 / 2016.

Health Management Dr. Sireen Alkhaldi, DrPH Community Medicine Faculty of Medicine, The University of Jordan First Semester 2015 / 2016.
Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.

Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.
Strategic and Business Planning for Ensuring of Cooperatives Sustainability Dr. Hakkı Çetin TARIS Union of Olive and Olive Oil Agricultural Sale Cooperatives.

Strategic and Business Planning for Ensuring of Cooperatives Sustainability Dr. Hakkı Çetin TARIS Union of Olive and Olive Oil Agricultural Sale Cooperatives.
Unifying Talent Management. Harnessing the Power of Workforce Intelligence in Talent Planning to Drive Business Performance.

Unifying Talent Management. Harnessing the Power of Workforce Intelligence in Talent Planning to Drive Business Performance.
Business Continuity Planning 101

Business Continuity Planning 101
Enterprise Risk Management Scott Moss, CIS P/C Trust Director Maryam Z. Sherkat, MIABC Legal Counsel & Risk Officer Mayor Teunis Westbroek, MIABC Board.

Enterprise Risk Management Scott Moss, CIS P/C Trust Director Maryam Z. Sherkat, MIABC Legal Counsel & Risk Officer Mayor Teunis Westbroek, MIABC Board.
T HE E FFECTIVE P ROJECT M ANAGEMENT O FFICE Strategies For Building, Selling & Setting Up PMOs Mark E. Mullaly, PMP.

T HE E FFECTIVE P ROJECT M ANAGEMENT O FFICE Strategies For Building, Selling & Setting Up PMOs Mark E. Mullaly, PMP.
For more course tutorials visit

For more course tutorials visit
CMGT 400 GUIDE Real Success CMGT 400 Entire Course FOR MORE CLASSES VISIT CMGT 400 Week 1 Individual Assignment Risky Situation CMGT.

CMGT 400 GUIDE Real Success CMGT 400 Entire Course FOR MORE CLASSES VISIT CMGT 400 Week 1 Individual Assignment Risky Situation CMGT.
For More Best A+ Tutorials CMGT 400 Entire Courses (UOP Course) CMGT 400 Week 1 DQ 1 (UOP Course)  CMGT 400 Week 1 Individual Assignments.

For More Best A+ Tutorials CMGT 400 Entire Courses (UOP Course) CMGT 400 Week 1 DQ 1 (UOP Course)  CMGT 400 Week 1 Individual Assignments.
Establish and Identify Processes  Identify and establish current state:  Roles and responsibilities  Processes and procedures  Operational performance.

Establish and Identify Processes  Identify and establish current state:  Roles and responsibilities  Processes and procedures  Operational performance.

Similar presentations

Ads by Google