10-17, 13:00–13:50 (America/New_York), Track 4 (2104B)
Language: English
An exploration of real-world case studies of the truly human problem, whether it is a compromised account, intentional misuse, or accidental damage, risky insiders hide under the guise of legitimate business operations.
Some people believe that perimeter defences are stronger than ever and external threats are well understood. With the hard crunchy exterior, many organizations trust the safety of their often flat open network where the most elusive adversary resides.
Trusted access becomes a vector for harm, whether intentional or accidental. This talk explores the nuanced and often hidden world of insider risk through a series of case studies. Using Microsoft Purview Insider Risk Management as the potential platform for detection, investigation, and risk mitigation, we will explore the contextual signals such as data exfiltration patterns, anomalous access behaviours, and privilege misuse to show where the tool succeeds, but also where it fails at each stage.
Attendees will gain insights into building a risk-aware culture, aligning compliance and security teams, and designing systems that detect the ghost before it strikes.
Whether you're a security leader, analyst, or compliance professional, this session will challenge assumptions and offer practical strategies for confronting one of the most complex threats in businesses today.
Don Mallory has over 30 years of experience in enterprise IT, primarily in critical infrastructure, specializing in operations, data storage, disaster recovery, and security for critical infrastructure. Professionally, Don is a Senior Security Analyst in the healthcare sector. He is a co-author of “Applied Data Security Strategy - A Leader’s Guide”, and has been involved in various volunteer activities including C3X, Hak4Kidz Toronto, and the Latow Photographer's Guild.