The U.S. Marine Corps looks to expand its insider threat program and seeks proposals to include activity monitoring technology on its enterprise and classified networks. The goal is to give the Marines greater ability to monitor network traffic and stop insiders from exposing data.
Russian-Dutch multinational e-commerce company Yandex sustained a data breach in which 4,887 customer accounts were compromised after an employee with systems admin privileges gave unauthorized access to attackers.
What action can companies take to help prevent occupational fraud by insiders? Ganeshwaran Thuraisingham of the Association of Certified Fraud Examiners shares some important steps taken by the association in the APAC region to build awareness of emerging fraud trends and how to mitigate risks.
In defining an IAM strategy for the cloud, CISOs need to automate the processes of provisioning, de-provisioning, monitoring and auditing as well as implementing federated access and API integration, says Rushdhi Mohammad, information security officer at the Industrial Bank of Kuwait.
Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.
To enhance organizations' security postures in the year ahead, CISOs must strengthen authentication processes, increase the use of network segmentation tools and deploy effective threat intelligence capabilities, two CISOs recommend.
Italian authorities arrested two employees of the Italian defense contractor Leonardo S.p.A. for installing a backdoor Trojan into the company's systems and exfiltrating 10GB of data over a two-year period, according to local law enforcement officials.
Adopting a "security by design" approach and weaving it into the digital transformation road map helps organizations defend against cyberthreats, says Reem AlShammari, CISO at Kuwait Oil Co., who also advocates threat information sharing.
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
A remote workforce. Economic stress. Pandemic fatigue. These ingredients create a "perfect storm" for insider risk, whether through malicious acts or accident. What can you do to improve monitoring and mitigation of insider risk in these unique conditions?
Randy Trzeciak, director of the CERT Insider Threat Center...
Amidst this new "perfect storm" of insider risk, enterprises face new challenges in detecting malicious and accidental activities. Tricia Hoyt, Director of Security Operations at ReliaQuest, offers insight on how to assess and reduce the risks.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.
The Secure Access Service Edge - or SASE - model can help CISOs make incremental progress on enhancing security while designing a long-term strategy, says Siddharth Deshpande, director of security strategy for Asia-Pacific and Japan at Akamai Technologies.