The insider threat is the subject of a Perpetuity conference in London on November 6 and 7.
A convicted fraudster will offer his experiences of doing fraud before capture, interviewed by Martin Gill founder of event organisers Perpetuity Research and Consultancy International.
Other speakers include Laurence Mulley (SOCA), Robert Coles of Merrill Lynch on the business case for and against employee monitoring; and Kate Legg of Higgs & Sons, covering the legal side of monitoring staff. Peter Sommer of the London School of Economics and Open University will go into forensic investigations of the insider threat.
There are technical, behavioural, and organisational angles, from weaknesses in company procedures; to pre-employment screening and people – with what attributes? – who make use of weak links in company processes to do wrong, such as misusing their privileges. For instance, Dawn Cappelli of CERT will describe the Software Engineering Instituteโs CERT Programme. It has collected several hundred case files for insider cyber crimes between 1996 and 2007, including theft of confidential or sensitive information, IT sabotage, fraud, and threats to critical infrastructures. And Greg Stephens and Deanna Caputo of MITRE will go through their ELICIT (Exploit Latent Information To Counter Insider Threats) research into malicious behaviour.
Giving an academic view will be Paul Ekblom of the Design Against Crime Research Centre, Central Saint Martins College of Art & Design; Peter Trim of Birkbeck College and Angela Sasse of University College London; and Clive Blackwell of Royal Holloway.
For details mail [email protected]
