Attaining Insider Threat Intelligence

Perhaps counterintuitively, the cloud can reduce the threat surface. With a bifurcated focus of identity as the perimeter and data as the perimeter- cyber security executives can gain insight into behavior patterns of users and the data itself. This bifurcated focus helps put cyber security into a forward-facing posture with an emphasis on where users and data are going.

This is a far cry from a centrifugal focus of defending the castle-moat perimeter from adversaries accessing users and/or data. In that construct, any threat intelligence simply turns the cyber security executive into a ‘hockey goal tender.’ If a hack is a puck, the CISO is simply attempting to “block shots on goal,” to capture the puck before it gets to anything valuable. Of course- sadly, sometimes the puck is not even seen.

To continue the analogy- real-time action-oriented threat intelligence informed by the behavior of organizational identities and data allows the cyber security executive to skate where the puck is going. In this construct, not only can in-the-moment crises be averted, but the CISO can detect rogue activity moving forward.

Mathieu Lahierre, Principal Application & Data Security - Cybersecurity, Technology Risk & Compliance, BHP shares perspective on:

• Significantly reducing the threat surface.
• Realizing the importance of IAM and the usage of information rights management.
• Engaging in rigorous regulatory compliance. 
• Implementing systems to ensure DLP while detecting rogue activity. 
• Mitigating the risk of user error as well as malicious activity through behavioral tracking.
• Establishing malfeasance vs. misfeasance.
• Gaining traction in the cloud.

Join Mattieu at Threat Intelligence APAC on the Cyber Security Hub.