Asset 1
Detecting Insider Threats (Sept. 22 / Webinar)
September 22 - Live Webinar

Cloudera and Digital Reasoning hosted an expert discussion on detecting insider threats and human risk with Hadoop and cognitive analytics for big data

According to a 2014 report by CERT, 28 percent of electronic crime at US organizations is caused by insiders. Those charged with data security and compliance are increasingly aware of the insider threat: disruptive actions taken individuals that have a role within the organization.

The legitimate freedom granted to insiders to access an organization’s network means that the impact of a bad actor can be truly shocking. InformationWeek reported on cases from the CERT Insider Threat Center, which included a major city that experienced crazy traffic signals when two disgruntled employees took control of the system; three employees at a law firm who altered 78,000 client records before quitting and moving to a rival firm, and an employee of a hedge fund who evaded tight defenses and managed to steal the firm’s highly protected trading algorithms.

Against this background, Digital Reasoning and Cloudera joined forces to host a webinar with a panel of experts. Moderated by Dave Curran, Global Director of Compliance Solutions at Thomson Reuters, the session explored how organizations and regulators are dealing with the insider threat and how technology is being used to mitigate or even prevent it.

Webinar panel members

  • Dave Curran, Global Director of Compliance Solutions at Thomson Reuters, Webinar Moderator
  • Jacob S. Frenkel, Attorney at Shulman Rodgers and former Senior Counsel to the Division of Enforcement at the Securities and Exchange Commission
  • Jeffrey Holik, Attorney with Financial Regulatory Compliance Practice at Shulman Rodgers and former Chief Legal Officer at PNC Investments
  • Steve Totman, Chief Data Evangelist at Cloudera
  • Marten den Haring, Chief Product Officer at Digital Reasoning

Key insights from the discussion

The following insights are paraphrased from the webinar discussion:

  • Data silos are a death trap and detection is the critical key to effective risk management. The challenge is the ability to tie disparate data streams together to detect problems before they hit the newspapers – Jeffrey Holik
  • Tech gives the potential to look at so much more, such as where is the money going, internal communications streams. It goes beyond a brokers personal trading records. Tying and vectoring data gives us an opportunity to characterize behavior in a way that wasn’t possible even 5 years ago – Jeffrey Holik
  • We may not see new statues from regulators, but common law practices will mean regulators will define their approach through enforcement – Jacob S. Frenkel
  • Companies are drowning in complexity. The gaps between data systems lead to problems. There is no holistic view across the organization. Most monitoring systems can handle structured information, but struggle with un- or semi-structured data. The regulators themselves are getting smarter. They are using technologies, such as Hadoop, to monitor the market – Steve Totman
  • The rate of change is hard to cope with. The demands of compliance are expanding, but the processes are incredibly manual so companies are struggling to keep pace, even when they have increased resources – Steve Totman
  • Insiders can use their trusted relationships to do unauthorized things, but existing controls and systems don’t do a great job defending against this. It’s hard to get a holistic view of the person and their actions. Digital Reasoning is using technology to help banks use their unstructured data to build profiles of their people – Marten den Haring
  • Hadoop can provide the foundation of a modern data strategy, cost-effectively uniting structured and unstructured data, and running analytics apps on top of this. Clients are using it as a compliance hub – Steve Totman
  • Analytics tools can come in and use that hub to identify problems, seeing clues in communications data – Marten den Haring
  • You need to be able to enforce your compliance policies. The regulator doesn’t expect you just to aggregate data, you should be able to act on it – Jeffrey Holik

You can find the entire recorded webinar in the Video section of our Resource Library.