If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
The Securities and Exchange Commission and the Department of Justice have both charged Jun Ying, a former CIO at data broker Equifax, with engaging in illegal insider trading after he determined that his employer had suffered a massive breach.
Now that it's been confirmed that an insider at Punjab National Bank paved the way for $1.8 billion in fraudulent transactions, RBI, the nation's central bank, is reiterating the need to strengthen security measures tied to SWIFT interbank transactions, and security experts are offering risk mitigation advice.
As data breaches increase in scale and frequency, businesses must ensure an effective, swift and well-orchestrated response. To help them, ISMG on Wednesday and Thursday will host a Fraud and Breach Prevention Summit in Mumbai offering insights from 20 leading CISOs and many other experts.
An in-depth look at the DMARC anti-spoofing system - which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt - leads the latest edition of the ISMG Security Report. Also, continuous monitoring of the insider threat.
The recent online leak of an episode of HBO's Game of Thrones, which has been linked to four insiders at a company that handles data for Star India, has put the spotlight on strategies for mitigating insider threats.
In the face of advanced persistent threats and attacks, it's critical for organizations to measure vulnerability to threats before applying machine learning tools, says Rohan Vibhandik, a scientist at ABB Corporate Research Center.
As the global threat landscape shifts, so does Kaspersky Lab. Moving from its traditional cybersecurity focus, Kaspersky now is honing in on fraud prevention. Emma Mohan-Satta describes this shift and what it means for security and anti-fraud leaders.
The most important way to address the insider threat is to educate employees about the do's and don'ts of information security so they won't fall victim to cybercriminals who want to steal their credentials to gain system access, says Sunil Varkey of Wipro.
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
Sweden has ended a seven-year rape investigation against WikiLeaks founder Julian Assange. But it's far from the end of the legal troubles for the man whose spilling of secrets has shaped world politics.
Criminals have long aimed to separate people from their possessions. So for anyone who follows ransomware, the WannaCry outbreak won't come as a shock. Nor will longstanding advice for surviving ransomware shakedowns: Prepare, or prepare to pay.