How to Build an Insider Threat Program

Tech Theater 1

Starts: June 7, 2023 2:00 pm
Ends: 3:00 pm
Sponsored by
Exabeam logo
More info

How to Build an Insider Threat Program:

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.


Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.


This presentation will explore:

  • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
  • Four attributes of a successful insider threat program
  • How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster

Wanda Miles

Senior Security and Compliance Program Manager

Wanda Miles, Senior Security and Compliance Program Manager at Exabeam is an information security professional with more than ten years of providing program and project management for compliance programs, risk operations and security vulnerability management. Wanda worked as a consultant for Microsoft Azure helping them build their compliance program and obtain several certifications. Ms. Miles has also managed data center migrations from on-premises to the cloud, risk management assessments for clients, and assisted companies obtain, SOC 2, ISO, PCI, FedRAMP and other third-party assessments including penetration testing.