Insider Threat Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

Insider Threat

How to mitigate non-malicious insider risk (and why employee awareness is key)

 960 640 Guest Post
By:
0
0

‘Your people are your most important asset’ is a well-worn phrase. However, in the wrong environment, employees can also present a substantial cyber-threat to organizations, and evidence suggests this problem keeps on growing: there’s been a 47% rise in the frequency of incidents involving insider threats between 2018 and 2020, with over half (62%) of these incidents being non-malicious.

In this articleInfosecurity Magazine looks at what organizations can do to mitigate the rise of insider threat incidents, and the central role employee security awareness campaigns plays in guarding against this issue.

Read More…

WEBINAR REWIND: Overcoming The Challenges Of Selecting An Insider Threat Detection Tool

 960 640 Stuart O'Brien
By:
0
1

Don’t worry if you missed last week’s insider threat webinar from Veriato – You can now re-watch the entire session online!

In a crowded market with so many new products being released, it can often be hard to make sure you’re getting the right tool for your organization’s security needs. Purchasing an Insider Threat Detection tool for your organization requires extensive research, which can be very time-consuming.

In the webinar, Veriato cleans up some of the noise in the industry together with experts Jim Henderson from the Insider Threat Defense Group and Dr. Christine Izuakor from CyberPopUp. In the webinar, they discuss:

  • Cutting through the hype to see what a product can really do – is it all just marketing fluff?
  • To AI or not to AI – Machine Learning Vs Statistical Analysis
  • Core requirements for Insider Threat Detection solutions – Private Sector Vs Government considerations

Click Here To Watch Again Now

WEBINAR: Overcoming The Challenges Of Selecting An Insider Threat Detection Tool

 960 640 Guest Post
By:
0
2

By Veriato

In a crowded market with so many new products being released, it can often be hard to make sure you’re getting the right tool for your organization’s security needs. Purchasing an Insider Threat Detection tool for your organization requires extensive research, which can be very time-consuming.

In our latest webinar, we try and clean up some of the noise in the industry together with experts Jim Henderson from the Insider Threat Defense Group and Dr. Christine Izuakor from CyberPopUp. In this webinar, we’ll discuss:

  • Cutting through the hype to see what a product can really do – is it all just marketing fluff?
  • To AI or not to AI – Machine Learning Vs Statistical Analysis
  • Core requirements for Insider Threat Detection solutions – Private Sector Vs Government considerations

Sign up now to learn more!

WEBINAR REWIND: Managing The Compliance & Security Nightmares Caused By A Remote Workforce

 960 640 Stuart O'Brien
By:
0
1

Don’t worry if you missed last week’s brilliant webinar from Veriato – You can now watch the entire session again online!

In an in-depth and wide ranging talk, Veriato’s Director of EMEA Sales Director Chris Gilkes takes us through how your organisation can maintain compliance while employees are working remotely.

Why is this important? Put simply, as employees connect to servers each morning through VPN, to download corporate data that they need, compliance and security can easily be compromised. As soon as the employee disconnects from the VPN, corporate visibility is lost and compliance can’t be maintained.

There are precautions and best practices that are being employed by many organizations and should be part of the security and compliance infrastructure as companies adapt to the new norm of both people and sensitive data residing in remote locations.

Chris addresses how companies can protect themselves with the right tools to mitigate compliance and security concerns, encompassing:-

  • Maintaining compliance while employees work remotely
  • Maintaining Compliance when employees go offline
  • VPN vulnerabilities as a result of a remote workforce
  • The increased threat posed by remote employees

Click here or scroll down to watch the session in full!

Want to know more about Veriato’s Insider Threat Detection solutions? Click here for a free trial!

Remote Workforces Create New Security & Compliance Headaches

 960 640 Guest Post
By:
0
0

The new remote world has ushered in a host of security issues. Sensitive data now sits in laptops in employees’ houses and if an employee disconnects from the corporate VPN, the company goes blind. This massively increases the risk footprint and leaves the company out of compliance.

Veriato utilizes AI-driven micro-agents that sit on the endpoint, monitoring and recording all user activity. Veriato watches for signs of insider threat and because it’s not network-dependent it maintains visibility to meet compliance standards.

Additionally, it can provide productivity reporting critical for managing remote employees. Veriato is the multitool you’ve been missing.

Click here to find out more.

Are trusted employees your biggest threat?

 960 640 Stuart O'Brien
By:
0
0

Trusted employees have access to company-sensitive information, assets and intellectual property, and permission to make financial transactions – often without requiring any further approval.

Attackers target these privileged, trusted people – impersonating suppliers, regulators and colleagues – and try to encourage them to do something they have permission to do, but shouldn’t, like diverting payments to a different account.

As far as they’re aware, they’re not doing anything wrong…

Find out how to combat this threat at: https://www.corvid.co.uk/blog/are-employees-your-biggest-threat

Could your most trusted employee be your biggest threat?

 960 640 Guest Post
By:
0
0

95% of cyber security breaches are due to human error, which in reality means it could be any user, at any time. The best bit? They probably won’t even know they’re doing something wrong, but they have inadvertently just become an unintentional insider threat. As Andy Pearch, Head of IA Services, CORVID, explains, organisations need to stop playing the blame game and pointing fingers at users when the system is compromised and instead ensure they have the right technology in place to take back control of their security defences.

Unintentional insider threats

A person becomes an unintentional insider threat when they unwittingly allow a cyber attacker to achieve their goal – whether that’s a breach of systems or information, or diverting payments to a criminal’s account. This can be through negligence or lack of knowledge, but can also be a result of just doing an everyday job.

Unintentional insider threats are particularly dangerous because the traditional methods of identifying insider threats don’t work – they don’t try to hide emails or files, because as far as they’re aware, they’re not doing anything wrong. If an attacker presents themselves as a legitimate person with the right credentials to request a change, the unsuspecting employee will probably respond exactly as the attacker was hoping.

Trusted employees have access to company-sensitive information, assets, and intellectual property, and permission to make financial transactions – often without requiring any further approval. Threat actors target these privileged, trusted people – impersonating suppliers, regulators, and known colleagues – and try to encourage them to do something they have permission to do, but shouldn’t.

Removing reliance on users

Email allows threat actors to communicate with users with almost no defensive barriers between them. Even the most diligent employee gets distracted, rushed, or slightly too tired, which is all it takes for a malicious email to achieve its objective – whether that’s clicking a link, opening an attachment, or trusting the email’s source enough to reply. Employees don’t expect to be attacked in a safe office environment but threat actors prey on this perceived safety to catch them off guard and socially engineer them into doing something they shouldn’t.

Many people think they know what a spam email looks like, but 97% of people are unable to identify a sophisticated phishing email. This is hardly surprising when considering there are, comparatively, so few highly-convincing fake emails; because they aren’t seen every day, employees aren’t always looking out for them. Then there are some methods of impersonation that organisations can’t realistically be expected to detect – for example, spotting the difference between a 1, l, and I (1, L, and i, respectively). Attackers know that employees aren’t meticulously scanning every email for tiny details like this, so they take advantage. If an organisation’s email security currently relies on users correctly identifying malicious emails 100% of the time, quite simply, their defences are going to succumb to attack.

Preventing the unintended

Research shows that 90% of organisations feel vulnerable to insider attacks, so now is the time for change. Monitoring normal access and behaviour patterns can give early warning signs of potential intentionally malicious activity, but the same can’t be said for unintentional insiderthreats. The attacker’s request could be comfortably within the scope of an employee’s daily duties.

The information available to users is often insufficient for them to determine whether an email is legitimate. As such, they should be suspicious and challenge requests, especially if they’re unexpected or urgent. Checks should also be put in place for a second pair of eyes to confirm certain requests before any action is taken, for example, changing payment details or making unscheduled wire transfers. If the request is for a financial transaction or asks for sensitive or personal information, phone the person who made the request (or better still, speak to them face-to-face) to confirm it’s genuine.

There is only so much humans can do. By having technology in place that alerts users to potentially malicious content and enables them to make an informed decision about an email’s nature and legitimacy before acting on it, organisations can take back control of their security defences instead of playing the blame game and pointing fingers at users when the system is compromised.

What keeps you up at night? It’s users, isn’t it

 960 640 Stuart O'Brien
By:
0
0

Ninety-two per cent of organisations’ biggest security is concern is users, with 81% having some degree of concern around security issues.

A new report, What Keeps You Up At Night 2019 – commissioned by security awareness training company KnowBe4 – looked at over 350 organisations globally.

The research was carried out against a background in which AI and machine learning are being leveraged by criminal organisations to help them better understand how to improve their attacks, targeting specific industry verticals, organisations and even individuals.

In the results, increases in the frequency of ransomware, phishing and crypto jacking attacks were experienced by businesses of nearly every size, vertical and locale.

When it came to attack vectors, data breaches were the primary concern, with credential compromise coming in as a close second.

The report says these two issues go hand-in-hand, as misuse of credentials remains the number one attack tactic in data breaches, according to Verizon’s 2018 Data Breach Investigations Report.

Phishing and ransomware ranked next, demonstrating that organisations are still not completely prepared to defend themselves against these relatively “old” attack vectors.

Other key findings from the report include: 

• 92% of organisations rank users as their primary security concern. And at the same time, security awareness training along with phishing testing topped the list of security initiatives that organisations need to implement. 

• Organisations today have a large number of attack vectors to prevent, monitor for, detect, alert and remediate; in terms of attacks, 95 per cent of organisations are most concerned with data breaches.

• Ensuring security is in place to meet GDPR requirements is still a challenge for 64 per cent of organisations, despite the regulation details being out for quite some time.

• Attackers’ utilisation of compromised credentials is such a common tactic, 93 per cent of organisations are aware of the problem, but still have lots of work to do to stop it. 

• When it comes to resources, 75 per cent of organisations do not have an adequate budget.

“2018 was a prolific year for successful cyberattacks, and many of them were caused by human error,” said Stu Sjouwerman, CEO of KnowBe4. “IT organisations are tasked with establishing and maintaining a layered security defence. The largest concern, as demonstrated again in this report, is employees making errors. Organisations must start with establishing a security culture, and in order to combat the escalation of social engineering, they have to ensure users are trained and tested.” 

INFOGRAPHIC: Is your biggest security threat already inside your organization?

 960 640 Stuart O'Brien
By:
0
0

The person in the cubicle next to you could be your company’s biggest security threat.

The large-scale attacks we’re accustomed to seeing in the news — Yahoo, Equifax, WannaCry ransomware — are massive data breaches caused by cyber criminals, state-sponsored entities or hacktivists. They dominate the news cycle with splashy headlines that tell an all-too recognizable story: one of name-brand corporations vs. anonymous cyber villains.

We focus in outsider threats because they’re both terrifying and thrilling, and because they’re familiar. They often have a clear-cut storyline, one that we’ve seen before. But the hyper-focus on cyberattacks caused by outside parties can lead organizations to ignore a major cybersecurity threat: insiders already in the organization.

We’ve seen these threats before too: attacks of dramatic espionage from Snowden, Reality Winner and Gregory Chung — but insider threats aren’t always so obvious, and they pose a risk for organizations that don’t operate in the national security space. In fact, research suggests that insider threats account for anywhere from 60 to 75 percent of data breaches.

They’re dangerous for a number of reasons, including because of how much they vary: from rogue employees bent on personal gain or professional revenge to careless staffers without proper cybersecurity training, insider threats can come from almost anyone, making them a prime concern for businesses. Check out our full infographic to learn more about the motives and methods behind these types of threats.

To view the Infographic, click here.