Cyber Education Theater: Network Physical Security Shortcomings at the Endpoint - A Loophole for Insider Threats that Cyber Cannot Plug
Tuesday, May 15, 2018: 2:30 PM - 3:30 PM
There exists a major loophole at the network endpoint from the wall to the desktop that cybersecurity does not address. Physical security of network and terminal hardware and its user interface has been ignored in policy and practice enabling catastrophic breaches from insider threats, most notably Manning and Snowden.
This session focuses on the need for convergence between physical security and cybersecurity to thwart emerging insider threats. It reviews the background of information technology, existing policies, or lack thereof, and the shortcomings of traditional physical security countermeasures as it relates to both host and endpoint security, and everything in between. Discussions shall analyze various aspects of the problem, risk factors, vulnerabilities and threat vectors affected by network architectures, applications, ergonomics and human interaction, inadequate policies, and facility/environmental issues. Solution discussions will focus on security in depth with an emphasis on physical security integration offering alternative countermeasures to give the IT security professional the knowledge and tools to address the insider threat from an “outside in” perspective to complement that of cybersecurity’s “inside out” approach.
Approved for 1 CompTIA CEU: A+, Network+, Security+, Cloud+, CySA+, and CASP; 1 Logical Operations CEC for Cybersecurity First Responder (CFR); and 1 GIAC CPE