Collaborate Disseminate
A new study from the Varonis Data Lab found that on average, 21% of a company’s folders were accessible to every employee, and 41% of companies had at least 1,000 sensitive files open to all employees. The report, based on analysis of data risk assessm… Continue reading How companies continue to expose sensitive data to threats
Cyber security breaches in the Middle East are widespread and frequently undetected, with 30 percent of the region’s attacks targeting operational technology (OT), finds a new study by Siemens and Ponemon Institute. The study, which examines the region… Continue reading Middle East oil and gas companies are unprepared to address OT cyber risk
This article is part 3 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats (human behavior) to the modern enterprise. Over the course of this series, we… Continue reading Insider Enterprise Threats: Human Behavior
Based on interviews with nearly 1,500 cybersecurity professionals over three years, Haystax Technology released a study that makes it clear that organizations are feeling the pressure from insider threats and are ramping up detection, prevention and re… Continue reading Cybersecurity pros don’t feel equipped to stop insider attacks
This article is part 1 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats to the modern enterprise. Insider cyber security threats are much more prevalent… Continue reading Insider Enterprise Threats: User Activity Monitoring
This article is part 1 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats to the modern enterprise. Insider cyber security threats are much more prevalent… Continue reading Insider Enterprise Threats: User Activity Monitoring
Many organizations still believe the definition of an insider threat is limited to a rogue employee purposefully leaking embarrassing information, or nuking a couple of systems when he or she quits and walks out the door with internal or customer data … Continue reading Tackling the insider threat: Where to start?
The US DHS Office of Inspector General (OIG) has confirmed that the “privacy incident” discovered in May 2017 resulted in the theft of personally identifiable information of DHS employees and individuals associated with investigations. The … Continue reading DHS insider breach resulted in theft of personal info of staff and people involved in investigations
Process and software inefficiencies play a major role in slowing down an organization’s ability to detect and respond to cyber threats, according to LogRhythm. Over one-third of IT decision makers say their teams spend at least three hours a day on tas… Continue reading Security pros waste 10 hours a week due to inefficient systems
Image via The CMU CERT Blog
Superbly researched deep dive within the Insider Threat realm, this time by Tracy Cassidy (Insider Threat Researcher at the CERT National Insider Threat Center. A Good and Necessary Read.
Permalink
The post CMU/SEI, Tracy C… Continue reading CMU/SEI, Tracy Cassidy’s ‘Technical Detection of Intended Violence: Workplace Violence as an Insider Threat’