The U.K.'s data protection regulator has fined Bupa Insurance Services £175,000 ($228,000) for failing to stop an employee from stealing 547,000 customer records, which were later offered for sale on the dark web. The ICO found that the health insurer's CRM system lacked adequate security controls.
A successful program to mitigate insider threats involves far more than investments in security technologies, says Ram Kumar G, Bangalore-based regional information security officer with multinational technology company Philips, who offers a guide.
Having access to threat intelligence can arm you to make more
confident, risk-based decisions. However, simply having it is not
enough. 58 percent of organizations have had some kind of threat
intelligence program for at least two years, but struggle to
operationalize the intelligence efficiently - 39...
When trusted insiders are accessing your valuable digital resources, you need to know who they are and what they're doing and you need to know if resources have been compromised.
Download this eBook and learn how to look for these tell-tale signs:
Theft and corruption: Insiders are behaving badly
Damaging...
When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity? The CERT Insider Threat Center at Carnegie Mellon University is one of the...
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Randy Trzeciak, director of the CERT Insider Threat Center at CMU, says he's frequently asked: "Haven't we solved the insider threat problem?" Far from it, he responds. In fact, he's helping many organizations start insider threat defense programs. He'll be a speaker at ISMG's New York Security Summit.
Better, stronger fraud-detection intelligence - that's the promise of the new 3-D Secure 2.0 protocol for digital merchants, networks and financial institutions. But what should organizations do to prepare? James Jenkins of CA Technologies weighs in.
Behavioral analytics have taken the fast lane from emerging tech to mature practice.
The key element that has made behavioral analytics move so fast and become something so important to security is that the focus has been not on the technology itself but on the value it provides the enterprise, notably when being...
An Equifax software engineer has settled an insider trading charge with the U.S. Securities and Exchange Commission after he allegedly earned $77,000 after he made a securities transaction based on his suspicion that the credit bureau had suffered a data breach.
Mirai-like, distributed denial of service attacks launched by IoT devices are an indication that DDoS may no longer be an external-only threat facing enterprises, warns Philippe Alcoy of Arbor Networks.
Behavioral analytics have taken the fast lane from emerging tech to mature practice. And Mark McGovern of CA Technologies says the technology is being deployed in innovative ways to help detect insider threats.
When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity? The CERT Insider Threat Center at Carnegie Mellon University is one of the...
Electric car manufacturer Tesla has sued a former employee for sabotage, alleging that he "unlawfully hacked the company's confidential and trade secret information" and gave it to third parties while leaving a trail designed to implicate other employees. The ex-employee, however, claims he's a whistleblower.
This case study illustrates how Digital Shadows helped the head of threat intelligence at a bank discover a user on the dark web claiming to be a bank employee selling access to high net worth individual's accounts. The fact that the seller appeared to be an employee, this threat was of heightened priority to this...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
