Dr Karen Renaud
Reader, University of Strathclyde
PRESENTATION
The Insider Threat and How to Mitigate It
Presentation overview
Current Insider Threat Taxonomies are rather limited, usually distinguishing between compliant and non-compliant. Yet there are at least four dimensions that distinguish insiders from each other. Mitigations are usually related to improving awareness but that only feasibly reduces the threat that comes from one of the insider threat types in our taxonomy. I will introduce the different types of insider, provide examples from news reports, and then suggest tailored mitigations calculated to target the specific insider risk type.
Biography
Karen Renaud is a Scottish computing Scientist at the University of Strathclyde in Glasgow, working on all aspects of Human-Centred Security and Privacy. She was educated at the Universities of Pretoria, South Africa and Glasgow. She is particularly interested in deploying behavioural science techniques to improve security behaviours, and in encouraging end-user privacy-preserving behaviours. Her research approach is multi-disciplinary, essentially learning from other, more established, fields and harnessing methods and techniques from other disciplines to understand and influence cyber security behaviours. She collaborates with academics in 5 continents and incorporates findings and techniques from multiple disciplines in her research.