Blog Posts Tagged with "Insider Threats"


Tripwire Examines the State of Risk-Based Security Management

June 14, 2012 Added by:Headlines

"Though organizations profess a commitment to RBSM... this security practice is still in its infancy. To establish an effective... program, certain barriers need to be addressed. These include securing adequate resources, having employees with the necessary expertise and designating strong leaders..."

Comments  (0)


Judge Upholds Charges Against WikiLeaker Bradley Manning

June 12, 2012 Added by:Headlines

Manning is accused of the largest intelligence leak in U.S. history while deployed to Iraq as a military intelligence analyst, including installing unauthorized software onto government computers to extract classified information and transmitting the data to the whistle-blowing group WikiLeaks...

Comments  (0)


Programmer Pleads Guilty to Stealing Code from Federal Reserve

May 30, 2012 Added by:Headlines

“Bo Zhang may have thought that he left no fingerprints when he engaged in his high-tech thievery—stealing proprietary government software worth nearly $10 million using little more than a mouse—but he was mistaken. He was caught in his tracks and now he will be punished for his cyber-thievery"...

Comments  (0)


Insider Threat: Former PNC Manager Pleads Guilty to Bank Theft

May 25, 2012 Added by:Headlines

Laird stole the funds through a number of means: opening credit accounts in her father’s name without authorization; making redemptions from CD accounts of five customers; opening checking accounts in other names and wroting checks to pay her personal bills and expenses...

Comments  (0)


IT Security: Preventing Insider Threats

May 24, 2012 Added by:Robert Siciliano

An employee at Fannie Mae, knowing he is about to be fired, installed a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization off line for almost a week and cost millions and millions of dollars...

Comments  (0)


Has Anonymous Infiltrated the US Government?

May 16, 2012 Added by:Plagiarist Paganini

"Right now we have access to every classified database in the U.S. government. It’s a matter of when we leak the contents of those databases, not if. You know how we got access? We didn’t hack them. The access was given to us by the people who run the systems…"

Comments  (6)


FBI Guidance of Combating the Insider Threat

May 15, 2012 Added by:Infosec Island Admin

The thief who is harder to detect and who could cause the most damage is the insider — the employee with legitimate access. They may steal solely for personal gain or be a “spy”—someone who is stealing company information or products in order to benefit another organization or country...

Comments  (0)


The CERT Guide to Insider Threats

May 07, 2012 Added by:Ben Rothke

While there are many books on important security topics such as firewalls, encryption, identity management and more, The CERT Guide to Insider Threats is the one of the first to formally tackle the devastating problem of trusted insiders who misappropriate data...

Comments  (0)


Why Do You Need Privileged Identity Management?

April 30, 2012 Added by:DHANANJAY ROKDE

Most access provided is typically role-based. However, many forget to consider factors like data classification and ownership. Network, system and database managers get access to what they are responsible for, but there are five questions that need to be asked...

Comments  (0)


From Fraud to Infosec and Vice Versa... Part 2

April 23, 2012 Added by:Neira Jones

In my previous post I summarized fraud and how it relates to infosec. Key enablers used to defraud victims of all types cut across the landscape and often overlap, posing further challenges for quantifying their impact, but the classifications are nonetheless helpful...

Comments  (0)


Ten Ways to Handle Insider Threats

April 18, 2012 Added by:Brent Huston

Tough economic times make it tempting for an employee to switch his white hat to a black one for financial gain. Insider threats also include contractors, auditors, and anyone who has authorized access to systems. How can you minimize the risk? Here are a few tips...

Comments  (1)


Beyond the Firewall – Data Loss Prevention

April 05, 2012 Added by:Danny Lieberman

It doesn’t matter how they break into your network or servers – if attackers can’t take out your data, you’ve mitigated the threat. This paper reviews the taxonomies of advanced content flow monitoring that is used to audit activity and protect data inside the network...

Comments  (0)


Average Cost of a Data Breach $5.5 Million in 2011

March 23, 2012 Added by:Headlines

“Insiders continue to pose a serious threat to the security of their organizations. This is particularly true as the increasing adoption of tablets, smart phones and cloud applications in the workplace means that employees are able to access corporate information anywhere..."

Comments  (0)


Experts Tell Senate that Critical Networks are Compromised

March 22, 2012 Added by:Headlines

"I think we've got the wrong mental model here. We've got to go to a model where we assume our adversary is in our networks, on our machines, and we've got to operate anyway, we've got to protect the data anyway," said Sandia National Laboratory's James Peery....

Comments  (0)


Implementing Least Privilege

March 15, 2012 Added by:Ben Rothke

Least privilege is the notion that in a particular abstraction layer of a computing environment every module - such as a process, a user or a program depending on the subject - must be able to access only the information that is necessary for its legitimate purpose...

Comments  (1)


Examining the Top Ten Database Threats

March 14, 2012 Added by:PCI Guru

Most attacks are perpetrated inside the perimeter, so protection from an inside attack is important. Once an attacker is on the inside, it is easy to use SQL injection or other techniques to obtain data. Organizations are just beginning to understand the insider threat...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »