Skip to main content

Home/ WPPS C-Suite News/ Group items tagged Insider Threat

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
sandy ingram

THE INSIDE THREAT: Financial firms focus on internal threats, employee errors - 0 views

searchfinancialsecurity.techtarget.com/...9142,sid185_gci1347604,00.html

Security Internal Threat Human Error Employees

shared by sandy ingram on 12 Feb 09 - Cached
  • Mark Steinhoff, head of Deloitte's financial services security and privacy practices, said an organization's biggest mistake would be to let its guard down
  • "The number of breaches that are occurring are really at the hands of insiders and organizations are understanding that there is a real threat of malicious attacks and exposure of personal information by insiders," Steinhoff said.
    • sandy ingram
      sandy ingram on 12 Feb 09
       
      The failing economy may be driving the increased concern over insider threats
    • sandy ingram
      sandy ingram on 12 Feb 09
       
      "We are seeing the layoffs and other forms of downsizing. Frankly with limited budget and less than satisfied employees, it really raises the parameter on that threat."
    • sandy ingram
      sandy ingram on 12 Feb 09
       
      Human error is the leading cause of information systems failure, and is likely to be the main cause of security attacks in the near future, according to 86% of those surveyed
  • sandy ingram on 12 Feb 09
     
    Banks and financial firms are placing more emphasis on internal threats to cut the flow of data leakage as a result of employee mistakes or workers disgruntled with layoffs and downsizing during the economic crisis, according to a recent survey.
sandy ingram

Malicious insider attacks to rise: "This is one of the most significant threats compani... - 0 views

news.bbc.co.uk/...7875904.stm

employee layoffs

shared by sandy ingram on 12 Feb 09 - Cached
  • Microsoft said so-called "malicious insider" breaches are on the rise and will worsen in the present downturn.
  • "This is one of the most significant threats companies face,"
  • "The malicious insider is classed as the greatest security concern because they have access, and relatively easy access, to corporate assets," said Mr Leland.
  • ...5 more annotations...
  • The problem is not just a serious one for business.
  • "The national security and economic health of the United States depend on the security, stability and integrity of our nation's cyberspace, both in the public and private sectors,"
  • A report last week by the Ponemon Institute, a privacy and data-protection research group, found that 88% of data breaches were caused by simple negligence on the part of staff.
  • While insider attacks are lower in number, Mr Rowney said they can be more devastating because the employee knows where "the crown jewels" are kept
  • Verizon indicates these protections are a critical form of risk management that no enterprise can no longer afford to ignore.
  • sandy ingram on 12 Feb 09
     
    "This is one of the most significant threats companies face,"
  • sandy ingram on 12 Feb 09
     
    People to Google: Doug Leland, Microsoft John Brennan, the President's top adviser for counterterrorism and homeland security. Kevin Rowney, Symantec, founder of the firm's Data Loss Prevention Unit
sandy ingram

What's a Company's Biggest Security Risk? You. - WSJ.com - 0 views

online.wsj.com/...4836104576556421692299218.html

Privacy security hack Insider Threat

shared by sandy ingram on 04 Oct 11 - No Cached
  • Consider what happened in March at EMC Corp.'s RSA security unit, the maker of computer login devices used by thousands of other companies. A hacker sent emails to two small groups of employees that looked innocent enough, including a spreadsheet titled "2011 Recruitment plan." The message was so convincing that one employee retrieved it from the "junk mail" folder and then opened the attachment. Doing so introduced a virus inside RSA's network that eventually gave the hacker access to sensitive company data and enabled later attacks against RSA's customers.
  • Employees have more opportunities than ever to compromise company information. We not only screw up by clicking on emails from hackers that download viruses, letting them bypass corporate firewalls. We also open a Pandora's Box of security problems by circumventing company tech-support rules and doing work with personal gadgets and consumer-grade online services like Web email and cloud storage services.
  • Here's a look at what employees are doing wrong and how companies are trying to fight our bad habits
  • ...3 more annotations...
  • Today, we make ourselves easy targets by posting troves of information about ourselves and our jobs online, say security experts. Blogs and professional networks such as LinkedIn are particularly useful sources for criminals, since many people share details about their roles at work, which can be used to help determine corporate hierarchies, among other things.
  • Hackers include dangerous traps in these targeted emails, such as links leading to malware or a Web page designed to dupe the employee into entering passwords. In the RSA attack, the emails included an attachment that took advantage of a previously unknown chink in Adobe Flash software to inject a virus into the company's systems.
  • As older systems that are focused on firewalls fail, corporate IT "needs a new defense doctrine," says RSA's head of identity protection, Uri Rivner. "You need to have security cover inside your organization, rather than your perimeter. You need to understand what your users are doing, and then spot any type of suspicious activity inside."
  • sandy ingram on 04 Oct 11
     
    Hacking attacks against companies are growing bigger and bolder-witness a string of high-profile breaches this year at Sony Corp., Citigroup Inc. and others. But gone are the days when hackers would simply find holes in corporate networks to steal valuable data. Large companies have grown wise to the threat of hacking, and have spent the past 30 years hardening the perimeters of their networks with upgraded technology.
sandy ingram

How long can CISO's avoid Cloud Computing? | CISO - 0 views

ciso.in/...567

security Privacy compliance Best Practice cloud computing workplace ipad tablets windows

shared by sandy ingram on 23 Feb 12 - No Cached
  • Network & Systems delivering the cloud service How does the authentication to access the network devices and operating system implemented? Does it use any two factor authentication? About the availability of the network and security infrastructure? does it implement load balancing or high availability solutions for the critical infrastructure components like firewalls, IPS, reverse proxies etc… Is the underlying cloud systems are secured? Do they have a baseline configuration implemented? How does the configuration managed? Does the cloud computing provider got a plan and/or policy to perform configuration management, patch management, anti-malware etc. Does the network undergoes periodic penetration testing? Does it undergo internal vulnerability assessment periodically? How is it ensuring that a compromised client with privileged access to the operating system is separated internally? Does it undergo periodic audits against standards like ISO27001, SAS70 etc? How is the customer data separated from one another? What are the security controls implemented to ensure this separation? What are the protection and response controls against the Denial of Service attacks?
  • Cloud Applications & Data Protection What are the security controls in the application development process? Does it include security code reviews of the code being developed or used? Is there a documented change and configuration management process? How does the application servers patched and what frequency? What are the mechanisms for managing the access control? How is the database protected from unauthorized access? How are they identifying the access reset requests are from the actual user. How do they create and delete/disable user accounts? what are the procedures for these activities. IS the data encrypted? If encrypted, how is the encryption keys are protected? What is key management process being followed? How is the data loss prevention ensured? Details of the DLP controls implemented? Is there a backup mechanism established? How is the data protected in the backups? Does the cloud service provider meets the regulatory requirements? For example, if the service is a ecommerce service then the cloud service could become part of the card holder environment and thus the PCI DSS regulation as there are potential card data being processed. Similarly, if the health information is processed, it can be HIPAA and similar other regulations. Is the cloud computing service provider meets the compliance requirements? Where is your data being hosted? Is it within your country or its jurisdiction? Is your organization comfortable with the legal system in the country where your data resides? How about cloud computing service provider who has a network of data centres across the globe and your data is scattered across these data centres? Can it limit the countries where the data is stored?
  • What are the conditions / scenarios where the data is revealed without the consent / approval of the organization? Does the application provide enough audit trials to review the incidents? Does it corporate with local legal system? Often the local law authorities require access to the processing computers, how is it support those requests?
  • ...1 more annotation...
  • Security Management What are the information security management policies and procedures implemented and documented? Are all employees required to undergo the security awareness training and acknowledge their acceptance to the policies and procedures at least annually? Is the cloud computing service provider has a dedicated information security professional? What are the network security capabilities established by the service provider? Are these personal technical qualified and certified? How is the insider threats within the cloud service provider being addressed? What is the background verification process being followed by the cloud service provider? Is there a privileged activity monitoring of systems and databases? How is the security incidents and violations are handled? Does it have a documented policy? How is the log integrity ensured? What are the mechanisms implemented to ensure that the logs cannot be altered and / or stopped. How long the logs are kept online and on the backup? What are the business continuity and disaster recovery capabilities of the cloud service provider? Many organization look at cloud as a BCM solution. Does the underlying cloud service provider is capable of delivering a BCM aware cloud service?
sandy ingram

Data Leakage Worldwide White Paper: The High Cost of Insider Threats  [Data L... - 0 views

www.diigo.com/cached

shared by sandy ingram on 13 Nov 08 - Cached
  • sandy ingram on 13 Nov 08
     
    "common examples of employee behaviors that demonstrate a lack of diligence with respect to safeguarding sensitive information include speaking loudly about confidential information in public places, failing to log off laptops, leaving passwords in sight or unprotected, and accessing unauthorized websites.Common examples of employee behaviors that demonstrate a lack of diligence with respect to safeguarding sensitive information include speaking loudly about confidential information in public places, failing to log off laptops, leaving passwords in sight or unprotected, and accessing unauthorized websites."
sandy ingram

Data Leakage Worldwide White Paper: The High Cost of Insider Threats  [Data L... - 0 views

www.cisco.com/...white_paper_c11-506224.html

shared by sandy ingram on 12 Nov 08 - Cached
  • sandy ingram on 12 Nov 08
     
    Apathy and overwhelming amounts of data are key points why employees lose information
1 - 6 of 6
Showing 20 items per page