Bolstering the Human Firewall
Presented by Joel Krauss
Be Prepared. For Anything
A Corporate Counter-Espionage Approach

Is Awareness Driving Preparedness

• Where is industrial espionage awareness evident in the organisation?
• Who is aware or has responsibility for counter-espionage awareness?
• Is awareness leading to appropriate action?
• Is preparation appropriate to the threat and vulnerabilities?
• Is effective preparation delivering an effective capability?
• Are measures and methods obsolete or incomplete in the current context?

The Human Firewall: Recognising Its Place

The convergence of cyber and human-enabled threats is difficult to defend against without applying a converged response. Defending against only one of these methods of penetration will certainly point the attacker towards the other.

• Robust technical countermeasures can provide a secure operating environment, but they can be circumvented.
• Most corporate security programs do not or cannot adequately address the human weaknesses in their workforce.
• High-stakes human-enabled industrial espionage projects are often undertaken by former national intelligence officers. In the case of state-sponsored economic espionage they have the backing and resources of a government.
• The threat posed by such professionals could come in the form of direct action by the intelligence officer or through a controlled operation (penetration).

The Human Firewall: Vulnerabilities

Human-enabled threats leverage deception to obtain sensitive information through the use of pretext: assuming a false identity or appearance to cloak real intentions.

• The disgruntled employee may be the obvious choice of the stereotypical perpetrator, but the competitor can use either an unwitting or witting source.
• The source is chosen based on his employer’s intelligence requirements.
• The source can be witting and appear to be an ideal candidate for a position.
• The source can be unwitting, and will be manoeuvred into a sensitive position by an existing management source and recruited at a later date.
• The attackers leverage social media and data forensics to identify a target employee.
• Further collection activities uncover susceptibilities and vulnerabilities in the potential target’s psychological make-up.
• The intended target may be contacted and developed by an intelligence officer in commercial persona or foreign persona.

The Counter-Espionage Approach

Corporate counterintelligence is the overarching concept used to blend security capabilities and support a strong human firewall.

• Corporate counter-espionage needs a full-spectrum or converged approach, because the competitive intelligence acquisition process is a full-spectrum threat.
• An ‘enhanced’ CE program leverages specialized detection practices, methodologies and response strategies to deter, neutralize, exploit and/or defeat the most serious threats.
• A good CE program is agile enough to prevent, pre-empt, detect, and respond to industrial espionage with a rapid, nuanced and focused plan.
• This CE program does not have to remain reactive: it can also go on the offensive in certain instances.
• A CE program allows the security team to not only neutralize or control an industrial espionage relationship, but it also provides the best opportunity to collect operational security intelligence.

The Process: Constructing a Human Firewall

• Self Awareness: How vulnerable are your staff? How vulnerable is your information? How exposed are other measures to human flaws?
• Threat Preparedness: What measures are in place, how do they correspond to a hierarchy of threats/methods: where are the gaps?
• Converged Security: How do you fill the gaps in prevention, detection, and response? How do you configure a converged operating model?
• Scenario Building: What do you anticipate? What are you prepared for, how would you pre-empt, and react to what you have anticipated?
• The Human Equation: Establish priorities and a program. Introduce sensitisation initiatives, training and protocols.
• Test & Exercise: Test the capabilities, measure performance against customized scenarios. Build familiarity with options, and agility in response.

Building the Human Firewall

• Vetting: Rigorous and multi-dimensional approach to verification.
• Monitoring: Spotting anomalies in behaviour and activity using discreet observation techniques, and management diligence.
• Awareness: Corporate climate must be that every employee has a stake in ensuring the commercial success of their organization.
• Protocols: Educating staff in what to do if they are the first one to detect an act of industrial espionage.
• Conditioning: A sensible corporate counter-intelligence mentality must be ingrained in all processes – it must be part of the corporate DNA.

Illustrative Examples

Challenges to Implementation

• Senior management often does not appreciate the scale of the threat.
• Clear disjoint between leadership and responsibility for ‘human’ security.
• Demarcation and ownership of ‘the problem’ when addressing employee vulnerability.
• Lack of a ‘converged’ approach to security planning.
• Different functions conduct preparation to their own priorities rather than to common scenarios.
• ‘Black Swan’ mindset and having to deal with the complexity of monitoring and potential scale of the ‘unknowns.’
• Common belief that technology and systems can protect against the impact.
• No willingness to engage with management complexity beyond ‘mission statement.’
• Inability to translate an understanding of what is required into effective action & measured results.

Recommendations on How to Implement

• Get 100% buy-in for adopting this posture.
• Identify a focal point to drive the converged nature of your efforts in an efficient manner.
• Quickly and efficiently determine what works and what does not.
• Focus on gaps and blend existing controls into newly developed expertise.
• Establish formalized procedures, which are internalized and tailored to your needs.
• Inject a sense of threat awareness that does not alter relationships in the organization, but provides a common sense of vigilance.
• Use customized scenarios to develop responses while exercising extreme resilience in your operations.
• Scale your efforts to the threats based on dynamic competitive intelligence of the business-space.

Converged Security Risk Services

• Consultancy & Planning
• Surveys & Audits
• Response & Protection

Joel Krauss
Director, North American Operations
Tel: +001.631.612.4124
Email: joel.krauss@optimalrisk.com

Crisis, Risk & Security Specialists

• Reinforcing Your Security
• Building Your Resilience
• Testing Your Preparedness
• Exercising Your Response

• Threat Modeling & Forensics
• Advanced Cyber Defence
• Risk Analysis

PHYSICAL SECURITY | BLUE TEAM | RED TEAM | CYBER SECURITY