Building an insider threat program is more than picking tools and expecting the Security Operations team to capture all external and internal threats. There is more to it, especially when you are building a program from scratch.
In this breakout session, Senior Exabeam Security Engineer Chris Tillett explains the importance of building an Insider Threat Program that not only covers basic threat detection scenarios, but also accounts for the differences between internal organizations. As you can imagine, what is considered "normal activity" for the Finance Department can be very different from that of Human Resources.
To get you started, Chris will share his insights including:
- Identifying what an insider threat program should look like
- How to build an insider threat framework from scratch for your company
- The process of building behavior-based models for internal organizations
- The importance of identifying normal behaviors