Insider Threat Services

Insider Threat Awareness & Training

Our security engineers, white hats, and security policy experts have decades of combined experience providing documentation, due diligence, engineering, consulting, and training services with respect to many different security frameworks and sources of regulatory guidance, including: NIST, ISO, COBIT, SANS, FTC, SEC, CFTC, FFIEC, NYDFS, FINRA, and HIPAA/HITECH.

Our Insider Threat services are also different from those provided by many other IT firms in that our teams have hands-on experience training for and defending against threats to classified and other sensitive assets, including sophisticated private and nation-state attackers.

Our Insider Threat services include the following:

Preventative Measures

  • Insider threat policy documentation (designed by former DoD and law enforcement operatives)
  • Analysis and description of normal (baseline) network behavior
  • Employee termination procedures to help identify/minimize threats
  • Access controls and monitoring policies for privileged users
  • Continuous monitoring to collect/track network logs and system usage
  • Secure data destruction and management of your company’s data
  • Analysis of potential insider threat activities
    • Physical access log analysis
    • Network activity log analysis
    • Detection of anomalous behavior

Training

  • Insider threat training by former DoD and law enforcement forensics experts
  • Review of security agreements with 3rd parties with access to your network/premises
  • Conflict resolution modules to minimize insider threat behavior
  • “High Value Target” training for executives and IT admins

Response *
Our experts are available 24/7 to respond to and investigate potential insider threat behavior, including breaches that might result from negligent or malicious insider activities. Our response services include (but are not limited to):

  • On-site identification/verification of breach
    • Analysis of the cause(s) of breach and attack vector(s) used
    • Attribution
  • Eradication of threat(s)
  • Recovery
    • E.g. Access Controls, Encryption, Firewalls & Segmentation, IDS/IPS, Netflow Analysis
    • E.g. Malware or Threat Actor Identification and Eradication
  • Retraining for employees, IT staff, Compliance staff, and management (as needed)

 

*Our incident response services are conducted with the highest level of discretion, and in coordination with senior management.