Blog Posts Tagged with "Insider Threats"
Separation of Duties for System Administrators
January 09, 2012 Added by:Rafal Los
How do our organizations treat administrators (more specifically highly privileged users) when they are removed from active duty? It seems that in large organizations the issue is easier to at last draw a line around than in smaller orgs - but the problems remain...
Comments (1)
Was Stratfor Breached By an Insider?
January 03, 2012 Added by:Jeffrey Carr
I'm not accusing Michael Mooney of being involved. I am, however, stating that attacks by insiders who hold a grudge against their employer are common and Mooney's position along with the circumstances around his departure will certainly be explored by law enforcement...
Comments (4)
Data Loss Prevention - Step 3: Engage Physical Security
December 20, 2011 Added by:Rafal Los
While often missed, this component of security is one of the most critical when it comes to understanding, and fighting the loss of data in your organization in a very real, tangible way. There are three types of threats you want to be aware of from the physical perspective...
Comments (0)
Key Sessions at the CISO Executive Summit 2011
December 03, 2011 Added by:Steven Fox, CISSP, QSA
As information assurance matures, its identity in the organizational culture is merging with the business units it supports. Practitioners are challenged to adapt their skills to the evolution of an infosec business function separate from its legacy association with the IT department...
Comments (0)
Bank Executive Pleads Guilty to Stealing Nearly $2 Million
December 01, 2011 Added by:Headlines
"Walker... withdrew money from a line of credit in the name of a trust that held an account at Farmers and Merchants. To cover up the scheme, Walker made interest payments on the money supposedly loaned to the trust. Walker will face a maximum sentence of 30 years in federal prison..."
Comments (0)
PwC’s Economic Crime Survey Focuses on Cybercrime
November 30, 2011 Added by:Headlines
"Many executives have yet to seize upon the serious nature of the cybercrime threat. Cybercrime has emerged as a formidable threat, thanks to deeply determined, highly skilled, and well-organized cybercriminals, from nation states to hacktivists, from criminal gangs to lone-wolf perpetrators..."
Comments (0)
GAO Report: IRS Security Controls Continue to Languish
November 16, 2011 Added by:Headlines
The "IRS did not, in GAO’s opinion, maintain effective internal control over financial reporting... These issues increase the risk of unauthorized individuals accessing, altering, or abusing proprietary IRS programs and electronic data and taxpayer information,” the report contends...
Comments (0)
What To Do About Insider Threats
November 14, 2011 Added by:PCI Guru
Insiders must have access to information that the general public or even you business partners do not. As a result, should an employee get sloppy with controls or go “rogue,” you can expect to lose whatever information that person had access. Remember my mantra – security is not perfect...
Comments (0)
PCI and the Insider Threat
October 24, 2011 Added by:PCI Guru
The biggest problem with the insider threat is that it does not matter how much technology you have to protect your assets as it only takes one person in the right place to neutralize every last bit of your security solutions. Just ask anyone any of the recently breached organizations...
Comments (0)
The Great Infosec Cop-Out?
October 17, 2011 Added by:Javvad Malik
Often, security people find ways to pass the blame onto our end users. In some cases this is justified; but not all the time. And because of this, I feel it’s come to be one of the biggest cop-outs in the field of information security...
Comments (0)
Over 100 Arrested in Credit Card Fraud Operation
October 10, 2011 Added by:Headlines
"This is by far the largest... identity theft/credit card fraud cases that law enforcement has come across. Credit card fraud and identity theft are two of the fastest growing crimes in the United States, afflicting millions of victims and costing billions..."
Comments (0)
Insider Threat: Guard Indicted for Chinese Espionage
October 03, 2011 Added by:Headlines
Bryan Underwood, a former contract guard working at a U.S. Consulate in China, has been charged in a superseding indictment with one count of attempting to communicate national defense information to a foreign government...
Comments (0)
Financial Analyst Fined And Jailed for Data Breach
September 30, 2011 Added by:Headlines
Rebollo was arrested in 2008 after an investigation revealed that he had downloaded, possessed, and sold consumer information contained in Countrywide databases. Rebollo distributed financial information and contact information pertaining to approximately 2.5 million individuals...
Comments (0)
A Stuxnet Apocalypse?
September 13, 2011 Added by:Scot Terban
"Could a Stuxnet-like system affect the production and development of a nuclear weapon? Yes and no. Yes as in it certainly could screw up enrichment, obviously, but wouldn’t screw up the end-result - hence why Stuxnet was found in the first place..."
Comments (1)
Stuxnet Could Be Modified to Undermine Nuclear Weapons
September 12, 2011 Added by:Headlines
"Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and than aim it back at the country’s facility... Stuxnet is the first cyber weapon that could cause major disruption...:
Comments (3)
Insider Threat: Top Scientist Pleads Guilty to Espionage
September 12, 2011 Added by:Headlines
“Preventing the loss or compromise of high-technology and vital national security information is a top priority of the FBI. This case is a prime example of what happens when a person decides to sell our nation’s most valuable secrets for individual gain..."
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)