Today's credential based threats
are complex, often touching many systems, using
multiple log-ins, and spanning a period of several
months. These insider threats involve the legitimate
credentials and access privileges of real users,
making them challenging for legacy security solutions
The Department of Veterans Affairs’ watchdog agency alleges that two VA employees “concealed” and “mispresented” the cybersecurity and privacy risks of an ambitious "big data" project that would have analyzed 22 million veterans’ health records dating back two decades.
Does your organization have a plan in place if one of your employees is accused of being an insurrectionist? If your software was being used to spread plans for a riot, could you detect that? Threat modeling expert Adam Shostack discusses how companies should be prepared to respond to issues in the news.
Fraud is an increasingly serious threat for businesses around the world, eroding data integrity and security, consumer confidence and brand integrity. When fraud is discussed, hackers or external fraudsters often come to mind. However, insider fraud is a critical threat that is growing.
Download this white...
It’s common for organizations to focus a large
portion of their security strategy around potential
outside cyber-threats. However, studies show that insider threats are on the rise and many times are
more difficult to identify. Learning and observing common insider behaviors and
technical actions is one of your...
A former Microsoft software engineer has been sentenced to nine years in prison after being found guilty on 18 criminal charges in connection with the theft of more than $10 million through the company's online retail platform.
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
A remote workforce. Economic stress. Pandemic fatigue. These ingredients create a "perfect storm" for insider risk, whether through malicious acts or accident. What can you do to improve monitoring and mitigation of insider risk in these unique conditions?
Randy Trzeciak, director of the CERT Insider Threat Center...
Amidst this new "perfect storm" of insider risk, enterprises face new challenges in detecting malicious and accidental activities. Tricia Hoyt, Director of Security Operations at ReliaQuest, offers insight on how to assess and reduce the risks.
A former vice president of a personal protective equipment packaging firm has been sentenced to prison and ordered to pay restitution for sabotaging the company's electronic shipping records during the COVID-19 pandemic - causing delays in deliveries - after he was terminated from his job.
A recent incident at a Canadian hospital involving a vendor's former employee who allegedly stole patient records in an attempt to extort money after being laid off illustrates the complex insider threats organizations face.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.