This is a basic tenant of cybersecurity & I cannot stress how important this is to any size organization. Yes, user audits are painful & tedious but they need to be performed at least annually. Depending on the size of your organization & its turnover it may even be something to perform on a quarterly basis.
From Security Week:
Organizations Fail to Maintain Principle of Least Privilege
"Security requires that confidential commercial data is protected; compliance requires the same for personal information. The difficulty for business is the sheer volume of data generated makes it difficult to know where all the data resides, and who has access to it. A new report shows that 47% of analyzed organizations in 2016 had at least 1,000 sensitive files open to every employee; and 22% had 12,000 or more.
These figures come from the Varonis 2016 Data Risk Assessments report. Each year Varonis conducts more than 1,000 risk assessments for both existing and potential customers. For its latest analysis of data risk, it has selected, at random, 80 of these assessments. They cover 33 industries in 12 different countries. Forty-two of the organizations have fewer than 1000 employees, and 38 have 1001 or more employees."
Showing posts with label Insiderthreat. Show all posts
Showing posts with label Insiderthreat. Show all posts
Thursday, April 27, 2017
Thursday, July 16, 2015
The Insiders: A Rogues Gallery
From Dark Reading:
The Insiders: A Rogues Gallery
The Insiders: A Rogues Gallery
Insider threats range in severity and scope depending on the insider’s level of access, skill, sophistication, and intention. Most, however, fall into one of three categories: imposters/external threats, malicious insiders, and non-malicious insiders.
- External threats/account takeovers occur when an outsider hijacks credentials and poses as a legitimate user. This imposter leverages the inherent trust of the organization’s infrastructure to gain access to critical data or dupe other users into installing additional malware. Perpetrators can be former employees acting out of malice or retribution or outsiders using stolen credentials to access and take sensitive data.
- Malicious insiders – employees or other legitimate users like contractors – have access to privileged data and systems, and seek to cause direct or indirect harm to an organization. Most often, they act to negatively affect the confidentiality, integrity, or availability of the organization’s most valuable and sensitive information.
- Non-malicious insiders may still directly or indirectly cause an organization significant harm. By accidentally exposing sensitive data or falling prey to a phishing scam, these insiders open the door for an Advanced Persistent Threat (APT) to compromise the network.
Tuesday, July 14, 2015
3 ways to stop insider threats in your organization
From Help Net Security:
3 ways to stop insider threats in your organization
No one wants their organization to be the next poster child for a major informational breach. No one wants their company to make headlines for having their data compromised or stolen. No one wants their governmental agency to become the example of what not to do in security IT.
Mitigating insider threat is critical to keeping your organization from becoming the next cautionary tale of poor informational security practices. With that in mind, here are three key strategies to limit insider threat in your organization.
3 ways to stop insider threats in your organization
No one wants their organization to be the next poster child for a major informational breach. No one wants their company to make headlines for having their data compromised or stolen. No one wants their governmental agency to become the example of what not to do in security IT.
Mitigating insider threat is critical to keeping your organization from becoming the next cautionary tale of poor informational security practices. With that in mind, here are three key strategies to limit insider threat in your organization.
Thursday, July 9, 2015
The best way to prevent data breaches? It's not what you think
From Help Net Security:
The best way to prevent data breaches? It's not what you think
Data security breaches seem to be popping up almost daily. From the 2015 IRS breach, to the hacking of federal government employees’ data by China, it’s clear much of our most important data are at risk. Yet, one of the most obvious frontline defenses is often overlooked.
When people think of hacking attempts, Hollywood makes it seem that it’s a matter of overcoming a computer system or firewall through some brilliant algorithm or brute force attack. But in reality, the easiest way to hack into an organization is through its employees.
The best way to prevent data breaches? It's not what you think
Data security breaches seem to be popping up almost daily. From the 2015 IRS breach, to the hacking of federal government employees’ data by China, it’s clear much of our most important data are at risk. Yet, one of the most obvious frontline defenses is often overlooked.
When people think of hacking attempts, Hollywood makes it seem that it’s a matter of overcoming a computer system or firewall through some brilliant algorithm or brute force attack. But in reality, the easiest way to hack into an organization is through its employees.
Friday, June 5, 2015
Stagnant budgets and rising insider security threats
From Help Net Security:
Stagnant budgets and rising insider security threats
A Vectra Networks survey of more than 500 cybersecurity professionals in the Information Security Community on LinkedIn reveals that insider threats are rising, but IT security budgets are not. Of those surveyed, 68 percent feel vulnerable to insider threats and less than half feel they have sufficient control over insider threats.
Stagnant budgets and rising insider security threats
A Vectra Networks survey of more than 500 cybersecurity professionals in the Information Security Community on LinkedIn reveals that insider threats are rising, but IT security budgets are not. Of those surveyed, 68 percent feel vulnerable to insider threats and less than half feel they have sufficient control over insider threats.
Saturday, May 16, 2015
Combating insider threats in the contact center
From Help Net Security:
Combating insider threats in the contact center
Advances in security technology are making many payment channels safer than ever for consumers, however, they are also forcing professional fraudsters to concentrate on an ever-diminishing number of more vulnerable targets. One of these is the traditional contact centre, where the huge volume of daily Card Not Present (CNP) transactions being processed, combined with often lax physical security measures, is making them an increasingly attractive target for criminal gangs.
Combating insider threats in the contact center
Advances in security technology are making many payment channels safer than ever for consumers, however, they are also forcing professional fraudsters to concentrate on an ever-diminishing number of more vulnerable targets. One of these is the traditional contact centre, where the huge volume of daily Card Not Present (CNP) transactions being processed, combined with often lax physical security measures, is making them an increasingly attractive target for criminal gangs.
Wednesday, May 13, 2015
US Passport Agency contractor stole applicants’ data to steal their identities
From Help Net Security:
US Passport Agency contractor stole applicants’ data to steal their identities
Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport.
US Passport Agency contractor stole applicants’ data to steal their identities
Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport.
Friday, May 8, 2015
Security Awareness? How do you keep your staff safe?
From SANS ISC:
Security Awareness? How do you keep your staff safe?
If you’ve been following recent diaries from my fellow handlers Brad and Manuel, they peel the covers back on a couple current malicious emails campaigns. Many of the readers of the Storm Center diaries will be use to the ebb and flow of these stories. Here in Australia there’s a speeding fine scam email [1] that’s been running for the last few weeks, and there’s no indication it will drop off any time soon.
Security Awareness? How do you keep your staff safe?
If you’ve been following recent diaries from my fellow handlers Brad and Manuel, they peel the covers back on a couple current malicious emails campaigns. Many of the readers of the Storm Center diaries will be use to the ebb and flow of these stories. Here in Australia there’s a speeding fine scam email [1] that’s been running for the last few weeks, and there’s no indication it will drop off any time soon.
Thursday, May 7, 2015
Classification and protection of unstructured data
I can't stress how important a data classification system is. Every document, spreadsheet, PowerPoint and so on should be classified. Whether by metadata or another application everything should be tagged in some manner. General tags are; public, internal, private, classified and so on. Create tags that suit your SOHO/SMB needs, create a data classification policy and enforce it.
From Help Net Security (podcast):
Classification and protection of unstructured data
In this podcast recorded at RSA Conference 2015, Stephane Charbonneau, CTO of TITUS, talks about TITUS Classification Suite 4, a significant new release of its flagship data identification and information protection suite.
From Help Net Security (podcast):
Classification and protection of unstructured data
In this podcast recorded at RSA Conference 2015, Stephane Charbonneau, CTO of TITUS, talks about TITUS Classification Suite 4, a significant new release of its flagship data identification and information protection suite.
Friday, May 1, 2015
CTO insights: Defending your organization from insider attacks
Do not underestimate the threat posed by insiders. Whether intentional or unintentional user behavior can cause significant issues for your SOHO/SMB. For more info check out the great work Lance Spitzner (@lspitzner) is doing at SANS Securing the Human project (@securethehuman).
From Help Net Security:
CTO insights: Defending your organization from insider attacks
If you’ve read enough crime novels or seen enough action movies, the plot is all too familiar to you: an insider – acting to correct some slight or insult he or she received years ago – turns against an organization and inflicts significant damage. Sometimes the insider is on the side of the good guys, sometimes on the bad guys.
From Help Net Security:
CTO insights: Defending your organization from insider attacks
If you’ve read enough crime novels or seen enough action movies, the plot is all too familiar to you: an insider – acting to correct some slight or insult he or she received years ago – turns against an organization and inflicts significant damage. Sometimes the insider is on the side of the good guys, sometimes on the bad guys.
Tuesday, April 28, 2015
Google blushes over Google Maps showing Android icon urinating on Apple icon
From Sophos Naked Security:
Google blushes over Google Maps showing Android icon urinating on Apple icon
As of Monday, all was well in Pakistan's Ayub National Park, at least as far as Google Maps was concerned, which was showing it as a verdant green swath of pixels.
Google blushes over Google Maps showing Android icon urinating on Apple icon
As of Monday, all was well in Pakistan's Ayub National Park, at least as far as Google Maps was concerned, which was showing it as a verdant green swath of pixels.
Thursday, February 19, 2015
Employees vulnerable to cyber crime
From The Scotsman:
Employees vulnerable to cyber crime
EMPLOYEES are the chief source of cyber crime against companies, and healthcare data is a key target, writes Gareth Mackie
Employees vulnerable to cyber crime
EMPLOYEES are the chief source of cyber crime against companies, and healthcare data is a key target, writes Gareth Mackie
Thursday, January 22, 2015
Tuesday, January 13, 2015
Monday, January 12, 2015
Thursday, December 18, 2014
Tuesday, December 16, 2014
Thursday, December 11, 2014
Subscribe to:
Comments (Atom)