Insider Threats: How To Defend Against Accidental Malicious And Social Engineering Attacks
In this episode of Krome Cast Tech IT Out, join Sam Mager and Paul Edwards, Head of Security Operations, as they delve into the complex and ever-present world of Insider Threats.
Insider threats come in various forms, and this podcast explores the intricacies of accidental threats, malicious, and social engineering scenarios. Learn how seemingly innocent actions, like taking a photo in the office, can inadvertently expose sensitive data or how a simple mistype in an email address can lead to data leakage.
The discussion also takes you through the motives behind malicious insiders who aim to profit from or harm your organisation, along with the ominous world of social engineering, where cybercriminals manipulate trust to gain unauthorised access.
When it comes to defending against insider threats, the right training, tools and strategies are vital. The podcast outlines the role of advanced solutions like Palo Alto Network firewalls and SSL decryption in addressing accidental breaches. It also highlights the significance of monitoring tools such as Darktrace in detecting and mitigating malicious threats, along with the importance of document classification and compliance tools within Office 365 to control data sharing and access.
Chapter Timestamps:
00:00 - 🎬 Introduction
00:23 - 🕵️♂️ What is an insider threat?
01:16 - 🤦♂️ Accidental insider threats
03:40 - 😈 Malicious insider threats
05:44 - 🎣 Social engineering and phishing attacks
05:34 - 🚫 Preventing insider threats through training and education
10:56 - 🛠️ Tools and strategies for accidental insider threats
13:13 - 🔒 Protecting against malicious insider threats
14:00 - 🔗 Guarding against social engineering and supply chain compromise
15:38 - 👨💻 The importance of skilled professionals in the Security Operations Center
ABOUT KROME
Krome Technologies is a technically strong, people-centric technology consultancy that delivers end-to-end infrastructure and security solutions that solve business challenges and protect critical data. We work collaboratively with clients, forming long-term business partnerships, applying knowledge, experience and the resources our clients need to solve problems, design solutions and co-create agile, efficient and scalable IT services.
CONTACT
• Telephone: 01932 232345
• Email: [email protected]
• Website: https://www.krome.co.uk/
SOCIAL MEDIA
• Linkedin: / krome-technologies-ltd
• Instagram: / krometechnologies
• Twitter: / krometech
• Facebook: / krometechnologies
