FBI CISO Patrick Reidy and insider threat analyst Kate Randal spoke on behavioral-based indicators to determine insider threats within the workplace.
November 01, 2012
Most organizations cite trust issues as their primary reason for deciding against outsourcing their computing resources and data assets. So just what are cloud providers doing to ensure protection?
September 24, 2012
When it comes to insider threats, we often focus on implementing technologies and auditing at the endpoint, but it's the user behavior that we have to get a better grasp of.
September 20, 2012
There may be no silver bullet to detect or prevent insider threats, but there are sophisticated technological solutions that can help.
July 05, 2012
The theft or misuse of corporate assets and customer data poses challenges, but there are strategies and tools to put in place to help mitigate the possibility.
Many organizations are focusing their security efforts on deterring the external attack -- often at the expense of catching the insider threat. This could be a costly oversight, especially with the rise of BYOD.
June 14, 2012
IT security practitioners tend to focus on networked security threats, but preventing insider threats are where the real challenges lie.
Every company in every part of the world is subject to some level of insider threat.
Unauthorized individuals gained access to the personal data belonging to customers of New York State Electric & Gas (NYSEG) and Rochester Gas & Electric (RG&E), which are owned by Iberdrola USA.
The defendants were part of a coordinated operation that resulted in the theft of more than $2 million from JP Morgan Chase Bank, TD Bank, Citibank, Discover and American Express.
Patrick Ricciardi, 45, allegedly abused his access as an information systems specialist to spy on official emails meant for Hoboken, N.J. Mayor Dawn Zimmer.
The order follows a seven-month, government-wide review, prompted by the leak of classified U.S. documents by whistleblower site WikiLeaks.
A senior analyst at Countrywide Financial was ordered to pay $1.2 million in restitution after pleading guilty to his role in a scam to steal personal data of customers.
Montreal-based security supervisor Joseph Mercier has been charged by the RCMP after allegedly developing malware to create a botnet.
UCLA Health System must pay $865,500 as part of a settlement with the U.S. Department of Health and Human Services (HHS) over complaints that employees snooped on the health records of two celebrities.
The personal information of thousands of current and former California state employees was improperly copied to a hard drive and removed from state offices.
A USB stick containing the personal information of thousands of employees of Alberta's Edmonton Public School Board has gone missing.
A major U.S. energy supplier has found no evidence of breach despite claims by a former employee that he hacked into the company's New Mexico wind turbine facility as revenge for being fired.
A former network engineer at Gucci has been charged with hacking into the company's network, deleting data and shutting down servers and networks.
A former Dallas hospital guard was sentenced last week to nine years in federal prison for breaking into hospital computers, planting malicious software and planning a distributed-denial-of-service (DDoS) attack.
A software programmer charged with copying secret financial trading code from Goldman Sachs computers was sentenced Friday to eight years in prison. Sergey Aleynikov, 41, a naturalized U.S. citizen who emigrated from Russia, had resigned from his $400,000-a-year Goldman Sachs position in June 2009 to take a new job in Chicago. Before going, however, he uploaded code related to the firm's proprietary trading program from his workstation to a server in Germany and then downloaded it to his computers at home. Aleynikov was also ordered to pay a $12,500 fine and serve three years of supervised release following his sentence.
March 01, 2011
Dust off your company's risk assessment process and make sure it is up to date because this is where your approach to defending against a WikiLeaks type of threat is going to start.
February 01, 2011
Thanks to WikiLeaks and a struggling economy, the internal threat has risen to a new level of prominence. Dawn Cappelli of Carnegie Mellon describes the profile of the rogue insider.
Debate: The model of 'trust but verify' is effective at mitigating the insider threat.
Join us online today for the latest free SC eSymposium: Insiders with access.
January 19, 2011
Today's security appliances do a great job patrolling the network perimeter, but what do you do when the threat is coming from inside the building?
January 18, 2011
This year, thanks to a renewed focus on the insider threat, the longings of the security professional may come to fruition.
Federal departments and agencies that handle classified data are required by Jan. 28 to complete an assessment of the safety measures they have in place to protect national security information, an effort prompted by the leak of confidential U.S. documents by whistleblower site WikiLeaks.
Whether the trend of privatizing military resources is good or not, it is already happening.
I'm sorry to hear that federal prosecutors, in a desire to get WikiLeaks founder Julian Assange to the United States to face charges for his role in the exposure of classified diplomatic cables, are turning to the Computer Fraud and Abuse Act for help.
