Practice New Skills with 4 Months of Free Core NetWars Continuous - Special Offer Ends 11/4!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Keys to Managing Insider Threats & Stopping Data Exfiltration

  • Tuesday, August 21, 2018 at 1:00 PM EDT (2018-08-21 17:00:00 UTC)
  • Tim Armstrong, John Pescatore


  • ObserveIT

You can now attend the webcast using your mobile device!



The greatest cyber security threat an organization faces is no longer the malicious outsider hacking from beyond network firewalls. It is the insiders - the contractors, vendors, privileged users and business users who already have full access to your company's systems and sensitive data. Addressing this type of threat requires a much different approach than addressing external threats; whether unintentional or malicious, organizations with sensitive customer data need to quickly identify and eliminate insider threat. Attend this session to learn best practices and real-life examples for building and maintaining an effective insider threat program.

Speaker Bios

Tim Armstrong

Tim Armstrong is a seasoned industry voice on cyber security topics including malware, incident response, insider threat, and cloud security. Prior to his role at ObserveIT, Tim has worked in diverse technical sectors such as malware analysis at Kaspersky Lab, product marketing at Threat Stack, and incident response at IBM Reslient.

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.