Introduction to Insider Risk Management

Insider Risk: What You Don't Know Can Lead to Serious Consequences
Dawn Cappelli
Vice President, Information Risk Management
CISO Office
Rockwell Automation
PUBLIC INFORMATION
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.
Actual Insider Sabotage Case

A company is inundated with phone calls from angry customers when their systems suddenly begin to malfunction without warning…
Purpose of this Presentation

Make sure this does not happen to you!

[Diagram: Insider Risk Program]
My Background

• Software Engineer, Westinghouse Electric Company, 1980-1988
• Software Engineer, Carnegie Mellon University and the Software Engineering Institute, 1988-2001
• Founder and Director, CERT Insider Threat Center, Carnegie Mellon University Software Engineering Institute, 2001-2013
• Vice President, Information Risk Management, Rockwell Automation, 2013-Present
Why is Insider Risk Important?

• Half of employees who left or lost their jobs in the last 12 months kept confidential corporate data
• 40% plan to use it at their new job
• One global company found 70% of their employees were taking information with them when they left the company

[Diagram: Insider Risk Program]

• The Information Technology sector is the highest in number of Insider Theft of Intellectual Property cases (according to the CERT Insider Threat Center)
• Manufacturing is the 4th highest sector
Actual Insider Theft of Information Case

Contract software engineer steals source code for the company's next generation product by tricking the security guard after hours.
Actual Insider Theft of Information Case

Head of an engineering department allegedly was recruited to leave and join another company, and to take trade secrets with him, causing losses of more than $800 million.
Insider Cyber Sabotage
Actual Insider Cyber Sabotage Case

A global financial institution cannot serve its customers when 10 billion files are suddenly deleted from every server in the U.S., right at 9:00 AM when they open for business…
Actual Insider Sabotage Case

Contract system administrator shuts down computers at the power generation facility where he works, even though he had been suspended by his own company.
Building a Formal Insider Risk Program
Step #1: Create the virtual team

[Diagram: Insider Risk Team at the center, drawing on:]
• Company Leadership
• Human Resources
• Information Technology
• Information Security
• Physical Security
• Legal
The Name is Important!

Insider Risk Team
Step #2: Develop a technology roadmap with IT
Step #3: Build the foundation with HR and Legal
Step #4: Establish formal processes
Step #5: Implement the program globally
Step #6: Scale the program
Step #7: Implement continuous risk management

[Diagram: risk management cycle]
• Assets
• Points of Vulnerability
• High-risk Positions
• Threats
As soon as possible: Participate in the Insider Threat Community

[Diagram: industries represented in the community]
• Household / Personal Care
• Manufacturing / Assembly
• Heavy Industries
• Transportation
• Telecommunications
• Life Sciences
• Packaging
• Food & Beverage
• Print Publishing
• Entertainment
• Financial
• Research
• Retail
• Healthcare
• Semiconductors / Electronics
Summary

• We know insider risk is a significant global problem based on:
  • Industry research
  • Cases that have been in the news
• We owe it to our employees, customers, and people everywhere who could be impacted if our:
  • Trade secrets are stolen
  • Products are sabotaged
• If we do not do this:
  • Jobs could be lost
  • Customer information could be compromised
  • Operational impacts at customer sites could have significant consequences
Questions?
Contact Information

Please direct comments and questions to:
Dawn Cappelli
Vice President, Information Risk Management
CISO Office
Rockwell Automation
+1 414-323-0404
dmcappelli@ra.rockwell.com