“Legitimate access rules the threat landscape”, says Jon Ford,
Managing Director at Mandiant. In addition to loss of intellectual
property, malicious insiders are increasingly impacting organizational
reputation, customer trust and investor confidence. There’s a lot more
to insider cyber security threats than disgruntled employees, which is
the first thing that comes to mind for most when they think of this
threat. Jon Ford, Managing Director of Mandiant, and Johnny Collins,
Director of Mandiant, joined us to break down what insider threats are
and the trends Mandiant is seeing in recent investigations.
Johnny began by defining insider threats—from unintended link
clicking, all the way up to human enabled technical operations (think
meet-ups in parks while avoiding all electronic communications that
you see in movies). Both Johnny and Jon shared how organizations on
the commercial and government sides are thinking about insider threats
as part of their overall risk and security posture, and how clients
are approaching insider threat security from a behavior-focused
approach as opposed to targeting or profiling individuals.
Then we got to the good part: stories from recent investigations
they’ve worked on through Mandiant’s Insider Threat Security Services
offerings. You might be surprised by the outcomes of a few of them.
Johnny and Jon went on to highlight the various tiers of Mandiant’s
Insider Threat Program Assessments and Mandiant’s Insider Threat
Security as a Service offering with Mandiant Intelligence. Johnny and
Jon close with shared thoughts on the growing Insider Threat trends
we’ll see in the near future.