INSIDER THREAT SECURITY BLOG

This year’s RSA convention was a riot of sights and sounds with a lot of familiar faces, mega-booths with flashy giveaways, as well as some new/old companies in the form of recently acquired or merged organizations. There were the familiar topics of security analytics, security as a service, and advanced threat detection, but on the surface, it is difficult to pick out any obvious new trends. After thinking back about everything I saw, I have decided that the one common theme was the re-em…

Halfway through the year, 2018 has seen an increase of insider threats that continue to highlight how privileged access is easily abused for a variety of nefarious activities. Tesla, the electronic car manufacturer, was hit by an insider that used their access to sabotage systems and give away trade secrets. A Punjab National Bank employee gained access to sensitive passwords to the SWIFT interbank transaction system. And in a further abuse of user’s privacy and trust, a member of Facebook’s …

Transforming Active Directory Security Five years ago we introduced the StealthINTERCEPT product line, to address the growing requirement for a comprehensive Active Directory change and access monitoring solution. We know that Active Directory is safest when it is clean, properly configured, closely monitored, and tightly controlled – that is exactly what StealthINTERCEPT has been successfully doing for its users. The security implications of a well maintained and monitored AD environment ha…

The Year of Ransomware Many predicted that 2017 would be the year of ransomware and that was indeed true. This past year the ransomware industry evolved, and the marketplace for ransomware software has grown by 2,502%. Ransomware sales on the dark web have increased from less than $400,000 in 2016 to approximately $6.25 million in 2017. But, this year has shown us much more than just the prevalence of ransomware, it has shown us the increasing need for cybersecurity insurance, true and ef…

What Security Strategy is Best For Your Organization? There are some great examples of Chief Executive Officers (CEOs) and Chief Information Security Officers (CISOs) working together towards protecting their employees, customers, and organization. On the other end of the spectrum, you have CEOs and CISOs that do not work well together. In order to evenly align your security strategy with the business’s needs, you have to be able to see eye-to-eye on the key issue of how your organization’s …

Sensitive Data Attacks vs. Typical Headlines As I write this, you are likely reading something about the Equifax breach. The attention it is getting is well-deserved. So many millions of personal records and sensitive data exposed are always a cause for concern. However, it feeds an unhealthy cycle. Huge breaches happen when attackers break a web application—or get lucky with phishing and pull a huge spreadsheet off the first desktop they hit. This causes the press to believe that all the…

Preventing Data Theft with File Activity Monitoring If you ask most folks who pay attention to cybersecurity what the recent big-name breaches and headline-grabbing malware have in common, you would get many answers. Some would say they were next-generation ransomware like NotPetya or WannaCry. Others would say that the HBO and Sony breaches started with a phishing email and ballooned from there. Even more would say that next-generation firewalls should have helped but didn’t. While these ar…

The New York State Department of Financial Services (DFS) new cybersecurity standard, New York Code Rules and Regulations 500 (NYCRR 500), extends past New York state limits to “subsidiaries or affiliates”. This regulation mandates each institution have a cyber security program, Chief Information Security Officer (CISO), access controls, asset management, data governance, software development practices, annual certification of their compliance, and more. As far as regulatory compliance standa…

On the heels of breaches at Cravath Swaine & Moore LLP, Weil Gotshal & Manges LP among others, The Association of Corporate Counsel (ACC) has issued its first-ever guidelines on the basic data security measures that in-house counsel should expect from their law firms. Law firms are warehouses of client information making them prime targets for attackers. The legal ethics rules require attorneys to take competent and reasonable measures to safeguard information relating to a client …

At the RSA Conference 2017 in San Francisco, CA we were able to survey more than 300 security professionals. One of the survey questions was, “Is your organization preparing for the EU General Data Protection Regulation (GDPR)?” 67% of respondents said that their organizations were preparing. Regulatory Compliance Standards Regulatory compliance standards such as PCI-DSS, HIPAA, and SOX are simply meant as a baseline for security organizations. Unfortunately, they have set the groundwork fo…