Presentation is loading. Please wait.

Presentation is loading. Please wait.

USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX.

Published byJemimah Allison Modified over 9 years ago

Similar presentations

Presentation on theme: "USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX."— Presentation transcript:

1 USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX

2 RISK ASSETS SystemsAppsInformation Users PEOPLE

3 INFRASTRUCTURE FIREWALLS ACCESS CONTROL SIEM (LOG DATA) INFRASTRUCTURE FIREWALLS ACCESS CONTROL SIEM (LOG DATA) USERS MITIGATE RISK APPS, SYSTEMS, INFORMATION EMPLOYEE / CUSTOMER DATA INTELLECTUAL PROPERTY REGULATED SERVERS IDENTIFY MANAGE INFLUENCE BEHAVIOR INFER USER ACTIONS ASSETS PEOPLE ? X

4 76% OF DATA BREACHES INVOLVE ACCOUNTS WITH ACCESS TO SENSITIVE DATA Source: Data Breach Investigations Report Verizon

5 WE FORGOT ABOUT OUR USERS!

6 External Vendors USER-BASED RISK Business UsersIT Users

7 USER-BASED SECURITY Securing Enterprises will require a shift to User Activity Monitoring Source: Prevention is Futile in 2020, Gartner

8 WHO’S DOING WHAT? Detect and Respond to User- based Risks Apps KeystrokesClicks

9 Sessi on activ ity alert s Session alert summary

10 Alert indication per screenshot on the timeline Alert indicati on per activity Message suspicious users, and terminate sessions

11 ADD USER CONTEXT TO YOUR ECOSYSTEM User Context SIEMIAMITSM

12 OVER 1,200 CUSTOMERS

13 DO YOU KNOW YOUR USER-RISK PROFILE? Business Users 84% of Insider based breaches involve users with no admin rights 2 69% of reported breaches involved a trusted users 1 IT Users 62% of admin-caused breaches due to human error 3 1 Verizon DBIR 2013 2 2014 IBM/Ponemon Cost of Data Breach Report 3 ibid 4 The 2014 Target Stores breach, not included in the VDBIR14 report Contractors Breaches involving contractors have significantly higher data loss and severity 4

14 THANK YOU

Download ppt "USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX."

Similar presentations

SIEM Based Intrusion Detection Jim Beechey May 2010 GSEC, GCIA, GCIH, GCFA, GCWN twitter: jim_beechey.

SIEM Based Intrusion Detection Jim Beechey May 2010 GSEC, GCIA, GCIH, GCFA, GCWN twitter: jim_beechey.
98% of the IT team and external contractors HATE our product.

98% of the IT team and external contractors HATE our product.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.

USER ACTIVITY MONITORING: YOUR MISSING SECURITY VANTAGE POINT Presented by Matt Zanderigo.
Managed Security Monitoring. 2 ©2015 EarthLink. All rights reserved. Today’s top IT concerns — sound familiar? Source: IT Security Risks 2014: A Business.

Managed Security Monitoring. 2 ©2015 EarthLink. All rights reserved. Today’s top IT concerns — sound familiar? Source: IT Security Risks 2014: A Business.
1 SANS Technology Institute - Candidate for Master of Science Degree 1 SIEM Based Intrusion Detection Jim Beechey March 2010 GSEC Gold, GCIA Gold, GCIH,

1 SANS Technology Institute - Candidate for Master of Science Degree 1 SIEM Based Intrusion Detection Jim Beechey March 2010 GSEC Gold, GCIA Gold, GCIH,
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
Access Control Chapter 3 Part 5 Pages 248 to 252.

Access Control Chapter 3 Part 5 Pages 248 to 252.
Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd (610820-A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, 57000 Kuala Lumpur,

Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd ( A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, Kuala Lumpur,
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.
Outline  Company Profile  Services Provided  Assets  System Schema  Risk Categories  Technical Risks and Mitigation  Summary.

Outline  Company Profile  Services Provided  Assets  System Schema  Risk Categories  Technical Risks and Mitigation  Summary.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
1 Protecting Data in a Collaborative Environment Willa Pickering, Ph.D.

1 Protecting Data in a Collaborative Environment Willa Pickering, Ph.D.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
Data Center Firewall. 2 Common IT Security Challenges Does my network security protect my IT environment and sensitive data and meet the regulatory compliances?

Data Center Firewall. 2 Common IT Security Challenges Does my network security protect my IT environment and sensitive data and meet the regulatory compliances?
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.

Similar presentations

Ads by Google