The past few years have clearly demonstrated that the longer it takes to detect malicious activities, the more costly the breach. In this Help Net Security video, Doron Hendler, CEO at RevealSecurity, discusses the insider threat challenge in business …
Tag: insider threat
Europe, Global Security News, North America
Building Visibility into Hybrid Workplaces: Tips for Minimizing Employee Burnout
by Lynsey Wolf •
It’s become a bit of a cliché, saying that the pandemic created a “new normal” for all of us. But the reality is, the pandemic did introduce new ways of living and working. Employees are demanding more flexible workplaces with a stronger focus on work-…
Europe, Global Security News, North America
Time to Value for Insider Risk Management is Key to Adoption & Success
by Jonathan Daly •
In previous posts we have covered several critical factors for organizations to consider when comparing insider risk management and insider threat surveillance solutions. This post will discuss a more basic business factor: Time to Value. When organiza…
Europe, Global Security News, North America
The Great Resignation: 3 Steps to Help CISOs Secure Critical Data During Offboarding
by Lynsey Wolf •
With 4.4 million workers quitting their jobs in April 2022, the Great Resignation persists. In response to the continued trend of workers leaving their jobs, business leaders and HR teams are grappling with how to retain top talent, while CISOs and IT …
Europe, Global Security News, North America
SaaS Security in the Great Resignation
by Maor Bin •
The phenomenon known as the Great Resignation is showing no signs of slowing. Nearly 48 million people in the U.S. quit their jobs last year with another 4.3 million this past January alone. This creates obvious labor shortage challenges, but what’s l…
Europe, Global Security News, North America
Insider Risk Management—A 7 Step Approach to Zero Trust (Part 1)
by Jonathan Daly •
Zero Trust security has arrived in full force, and that’s a very good thing for every cyber security practitioner. While the concept has been around since the 1990’s when Stephen Marsh wrote about “Formalising Trust as a Computational Concept,” the COV…
Uncategorized
Smashing Security podcast #275: Jail for Bing, and mental health apps may not be good for you
by Graham Cluley •
A man hacks his employer to prove its security sucks, Telegram provides a helping hand to the Eternity Project malware, and what the heck do mental health apps think they’re up to?
All this and much more is discussed in the latest edition of the awa…
Europe, Global Security News, North America
Why You Need a Multi-national IRM Program
by Jonathan Daly •
Insider Risk or Threat Management (IRM) programs are quickly becoming a must-have for global organizations and enterprises. The risk of losing customer information, trade secrets, and other sensitive data due to negligent and malicious actors poses a r…
Europe, Global Security News, North America
Privacy Makes all the Difference: Insider Risk Management and Insider Threat Surveillance
by Jonathan Daly •
As insider risks, whether born from negligence, external intimidation, or true malicious internal threats, grow, organizations need to take steps to identify and eliminate these threats. In a previous post we discussed two competing approaches: Insider…
Global IT News
Ikea Canada tight-lipped on details of breach of security controls
by Howard Solomon •
Company will only say an “investigation” led to the disclosure that an employee made unauthorized searches
The post Ikea Canada tight-lipped on details of breach of security controls first appeared on IT World Canada.
Global Security News, North America
How to set up a powerful insider threat program
by Help Net Security •
Security spend continues to focus on external threats despite threats often coming from within the organization. A recent Imperva report (by Forrester Research) found only 18 percent prioritized spend on a dedicated insider threat program (ITP) compare…
Europe, Global Security News, North America
Insider Risk Management or Insider Threat Surveillance?
by Jonathan Daly •
The risk from malicious insiders has long been top-of-mind among security professionals. More recently it has grabbed the attention of executive teams and board members. Addressing the risk is more complicated. Employees, vendors, and partners require …
Europe, Global Security News, North America
Five Security Lessons From the Lapsus$ Attacks
by Mike Campfield •
Threat groups like Lapsus$ are increasingly targeting the blind spots in otherwise robust corporate cybersecurity programs.
The post Five Security Lessons From the Lapsus$ Attacks appeared first on Security Boulevard.
Global Security News, North America
Don’t ignore risks lurking within your own network
by Help Net Security •
In this video for Help Net Security, Chris Waynforth, AVP Northern Europe at Imperva, talks about insider threats to organizations. Despite increased investment in cybersecurity, organizations are focusing more on protecting themselves from external th…
Europe, Global Security News, North America
A New Day, A New Warning: HHS Issues Guidance to HPH Sector About Insider Threats in Healthcare
by Jonathan Daly •
Earlier this month the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) issued a report on the risk to the healthcare sector from malicious insiders. Why now? The Lapsus$ group hack of Okta and subsequent b…
Europe, Global Security News, North America
Employee Stress & Insider Threats: How to Mitigate Risk from a Security & HR Standpoint
by Lynsey Wolf •
April is Stress Awareness Month. It’s been recognized as such since 1992, but given the events of the past few years, it’s critical to spread awareness now more than ever—and not only during the month of April. Stress impacts people in various ways and…
Europe, Global Security News, North America
Why Striking the Balance Between Insider Risk and Privacy is More Important Than Ever
by Jonathan Daly •
The last three years have changed the workplace more than any other period in history. We’re now in a new phase with pandemic restrictions easing across the board and most organizations around the world in full “return to office” mode. While this is do…
Europe, Global Security News, North America
3 Ways to Take Control of Your Cyber Security Career in 2022
by Mohan Koo •
As the cyber security landscape continues to transform before our eyes, it’s becoming increasingly evident that we can no longer just depend on legacy cyber security solutions to protect organizations and employees. The more we rely on technology in th…
Global Security News, North America
Organizations underestimating the seriousness of insider threats
by Help Net Security •
Imperva releases data that shows organizations are failing to address the issue of insider threats during a time when the risk is at its greatest. New research, conducted by Forrester, found that 59% of incidents in EMEA organizations that negatively i…
Europe, Global Security News, North America
DTEX i3 Team Q&A: The Super Malicious Insider
by Armaan Mahbod •
Earlier this year we published an in-depth report on the insider risk landscape for 2022, with research from the DTEX i3 Team and real-life investigations they’ve led. Last year we saw remote work become the norm, employees being targeted by hackers mo…
Europe, Global Security News, North America
Former GE Engineer Convicted of Economic Espionage
by Christopher Burgess •
On April 1, 2022, the Department of Justice (DoJ) announced the conviction of Xiaoqing Zheng of conspiracy to commit economic espionage following a four-week jury trial. Zheng will be sentenced on August 2, 2022, and faces up to 15 years in prison and…
Global Security News, North America
Hybrid threat model: Watch out for the unhappy employee
by Helga Labus •
In this interview with Help Net Security, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv Security, talks about the hybrid threat model, a new approach that leverages social media to launch cyberattacks on organizations. Threats a…
Europe, Global Security News, North America
World Backup Day: How Insider Threats Intersect with Data Backup and Best Practices for Insider Risk Management
by Jonathan Daly •
World Backup Day is a great time to review the basics of backing up data, and looking ahead to 2022, insider risk management is one key areas to focus on when it comes to data backup. A backup is an additional copy of data and can include an array of c…
Europe, Global Security News, North America
Drawing the RedLine – Insider Threats in Cybersecurity
by Tessa Mishoe •
RedLine Password Theft Malware
The RedLine password theft malware is a hot topic this month with Microsoft’s employee compromise. Though Microsoft didn’t offer many officially released details on what occurred, we can examine how RedLine works to…
Europe, Global Security News, North America
The Great Data Infiltration of 2022—The Data You Don’t Want & Why
by Jonathan Daly •
Sensitive Data and Infiltration Risk The Great Resignation picked up steam in 2021. According to the U.S. Bureau of Labor and Statistics over 32.7 million workers voluntarily quit their jobs in 2021, an increase of over 30% from 2020 and 2019. Total se…
Europe, Global Security News, North America
Qualcomm: ‘We’d Like Our IP Back, Please’
by Christopher Burgess •
It was the third week of January 2022 and the offer letter was signed and accepted; Guarav Kathuria was on his way out the door to start the next chapter in his career and closing out his 12-plus years at Qualcomm. Nothing to see here—this scenario ha…
Global Security News, North America
The importance of ramping up digital forensics and incident response tech investments
by Help Net Security •
Magnet Forensics announced the release of an IDC survey which revealed that more than half of the respondents are expecting to make major investments in digital forensics and incident response (DFIR) technology over the next two years to address growin…
Global Security News, North America
Mid-market tackling high rate of costly attacks, worsened by complex, siloed defences and staff burnout
by Help Net Security •
Mid-market organizations in the UK suffered significant financial and operational damage as a result of cyberattacks in 2021, and want to see fundamental change to how cybersecurity is designed and run, a Censornet research reveals. 33% of mid-market o…
Europe, Global Security News, North America
Look Beyond External Threats to Insider Threats
by Sanjay Raja •
We must never forget to look beyond external threats to insider threats to secure our…
The post Look Beyond External Threats to Insider Threats appeared first on Gurucul.
The post Look Beyond External Threats to Insider Threats appeared first on Secu…
Europe, Global Security News, North America
Exploring the Gartner Rule of Three for Proactive Insider Risk Management
by Jonathan Daly •
Gartner analysts Paul Furtado and Jonathan Care recently published a short piece on insider risk management titled: The Rule of 3 for Proactive Insider Risk Management. The research note provides readers new to the topic with a solid foundation of insi…
Global Security News, North America
How challenging is corporate data protection?
by Help Net Security •
Code42 released a report, conducted by Vanson Bourne, which found that cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft. Identified within the research are three …
Global Security News, North America
The rise of the super malicious insider: Yes, we need to worry
by Help Net Security •
DTEX Systems announced the release of a report which identifies a significant increase in industrial espionage incidents and the rise of the super malicious insider persona, and provides evidence that the abrupt shift to remote work has directly contri…
Europe, Global Security News, North America
Burner Phones, Fake Social Profiles, Cat Fishing—Not a Valentine’s Day Horror Story, It’s the Super Malicious Insider
by Armaan Mahbod •
Netflix recently released a new documentary which is timely to today—Valentine’s Day. It tells the story of The Tinder Swindler, a man who pretended to be a wealthy diamond mogul and courted women on dating apps as part of one big scheme to ultimately …
Europe, Global Security News, North America
2022 Insider Risk Report ~ The Rise of the Super Malicious Insider
by Rajan Koo •
Earlier today we published our 2022 Insider Risk Report, our fifth consecutive since 2017. The purpose of our reports is simple: Help business leaders, cyber security executives and practitioners, advisory and research organizations, as well as MSSP pr…
Global Security News, North America
The four types of remote workers your security awareness program must address
by Help Net Security •
No matter how much technology you acquire or how many specific technical controls you install, when it comes to your information security awareness program, the most important control to tune within your environment is your people. I’m not telling you …
Uncategorized
Smashing Security podcast #260: New hire mystery, hacktivist ransomware, and digi-dating
by Graham Cluley •
Who’s that new guy working at your company, and why don’t you recognise him from the interview? How are hacktivists raising the heat in Belarus? And should you be fully vaxxed for your online date?
All this and much more is discussed in the latest …
North America
Is the Great Resignation a cyber-threat?
by Neil Sutton •
COVID-19 has permanently changed the working landscape over the…
Europe, Global Security News, North America
MITRE and DTEX Form Public-Private Partnership to Elevate Insider Risk Awareness & Advance Human-Informed Cyber Defense Strategies
by Mohan Koo •
In response to workplace changes from the global pandemic, employers are searching for ways to protect a distributed and increasingly remote workforce. Today’s workforce risk is compounded by an increase in employee stress and the continued rise of nat…
Global Security News, North America
How costly is an insider threat?
by Help Net Security •
Proofpoint released a report to identify the costs and trends associated with negligent, compromised, and malicious insiders. Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 day…
Global Security News, North America
How do IT leaders plan to overcome remote work security challenges?
by Help Net Security •
Two years ago, IT leaders were forced into remote work. Many viewed it as a temporary experiment. Today, they see it for what it is: the future of work. And they’ve made it their top priority. According to the results of a Citrix Systems and Pulse surv…