Organizations can implement an insider threat solution with good intentions and all in the interest of heightening security posture. But improper implementation can cause the loss of an employee’s drive just as quickly as a potential nefarious opportunity that outweighs the cost.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Security teams may not be as protected as they think when it comes to dark web monitoring and detection. New research finds that only 38% of security practitioners say they're likely to detect their organization's private data if it was released on the dark web.
The Philippines government is considering reviving a previously-vetoed bill that would mandate SIM card registration due to rampant phishing scams that are difficult to trace. Country's two biggest carriers, PLDT and Globe, already blocking over a billion scam messages.
Quantum computing now has the potential to capture nearly $700 billion in value as early as 2035. NIST is encouraging U.S. government entities and commercial enterprises to move forward more quickly towards post-quantum cryptography since data is getting harvested today for future decryption.
Uber cybersecurity incident was the result of social engineering by teenage hacker. Network breach was a total compromise and that the attacker had full access to Uber's systems.
The Chinese government claims that the NSA is conducting cyber espionage with repeated attacks on an aerospace and space research university funded by Beijing.
The Department of Education, FBI, and DHS CISA responded to a cyber attack and confirmed a ransomware incident on the second-largest school district, Los Angeles School District (LAUSD), over the Labor Day Weekend.
The Lazarus hackers are generally in pursuit of profit. But in this case, the main interest appears to be cyber espionage. A report indicates that the group is targeting the Log4j vulnerability in energy companies.
A credential stuffing attack on American outdoor apparel company, The North Face, compromised nearly 200,000 accounts just two years after a similar incident.
None of the candidate encryption algorithms to counter the threat of quantum computing are intended for the massive amounts of sensitive data stored “at rest”. Instead they are intended to replace those currently used for: (1) data in transit over the public internet; and (2) digital signatures used for authentication.










