1. Insider threats
1.1. Careless or negligent employee
1.2. A criminal or malicious insider
1.2.1. Insider threats have increased across the 3 profiles
1.2.2. 85 days, average day of containing an incident
1.2.2.1. Organizations are most concerned about credential theft
1.2.2.2. Negligent Employees are the root cause of most insider threats
1.2.2.3. Vulnerable IOT devices are of great risk to data loss
1.2.2.3.1. Theft or loss of mission critical data or intellectual property
1.2.2.3.2. Impact of downtime on organizational productivity
1.2.2.3.3. Damage to equipment and other assets
1.2.2.3.4. Cost to Detect business processes
1.2.2.3.5. Legal and regulatory impact, litigation defense cost
1.2.2.3.6. Lost confidence and trust among key stakeholders
1.2.2.3.7. Diminishment of marketplace
1.2.2.4. Most sensitive data is in email
1.2.2.5. Malicious insider use corporate emails to steal data
1.2.3. The negligent insider is the root of most incidents
1.3. A credential theft
2. Mitigating risks
2.1. Data loss prevention
2.2. Privileged Access Management
2.3. User and Entity Behavior Analytics
2.4. Security Information and Event Management
2.5. Endpoint Detection and Response
2.6. Inside Threat Management
2.6.1. Monitoring and Surveillance
2.6.2. Investigation
2.6.3. Escalation
2.6.4. Incident response
2.6.4.1. General cost of Activities
2.6.4.1.1. Cost of Information
2.6.4.1.2. Cost of Business Disruption
2.6.4.1.3. Cost of Equipment Damage
2.6.4.1.4. Lost Revenue
2.6.5. Containment
2.6.6. Ex-post response
2.6.7. Remediation