Cybercriminals and nation-states are attempting to recruit insiders at companies around the world to help steal credentials and intellectual property, says Joseph Blankenship, vice president and research director at Forrester, who offers risk mitigation insights.
In a decision that will have major implications for the cybersecurity industry, the U.S. Supreme Court ruled Thursday to limit the scope of the Computer Fraud and Abuse Act. Security researchers and civil liberty groups argued that the 1986 law was too broadly written and outdated for today.
It's common to say, "The human element is our weakest cybersecurity link." But author and educator James Bone has a different perspective. He weighs in on the human factor and the criticality of modifying enterprise risk management strategies.
As a retired Air Force general and the former federal CISO of the United States, Gregory Touhill is well-versed in critical infrastructure protection and resiliency. Now, as the new director of CMU SEI's CERT division, he has the opportunity to help foster new levels of education and collaboration.
As CISO of Johnson & Johnson, Marene Allison was used to gauging her security posture by the top threat activity: nation-state, cybercrime, insider or hacktivist. But in 2020, they all struck at once. Here is one CISO's take on the state of the industry.
We live in a world where employees are almost twice as likely to expose corporate data than they were prior to the pandemic. As a result, organizations have been struggling to solve this problem with legacy solutions such as DLP and need a dedicated Insider Risk Program instead.
By attending this session, you...
Remote work isn’t a trend, but a new way for businesses to operate. There’s no longer a defined parameter to operate. Instead, IT teams are coping with multiple devices, networks, locations and ways of enabling employees to access professional applications. Cybercriminals are capitalising on this opportunity.
Several healthcare entities are reporting health data breaches in the wake of an incident involving a vendor's employee who uploaded files containing patient data to the public-facing, open-source software development hosting website GitHub. How can entities avoid such mishaps?
A Kansas man faces federal charges for allegedly accessing the network of a local water treatment facility and tampering with the systems that control the cleaning and disinfecting procedures, according to the Justice Department. The charges follow a similar security incident at a Florida facility.
The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.
Insider threat programs can help significantly reduce the chance of system compromise or breach. This can help organizations save substantial amounts of money and avoid loss of brand reputation and customer trust.
Download this guide to learn how to build your insider threat program with tips like determining...
While an external attacker trying to gain access to the network might raise a number of flags, someone internally who steals information might not raise any suspicion at all. This leaves organizations vulnerable to insider threats.
Download this guide to learn about three tools and methods that can help you detect...
As the workforce trends toward remote work, insider threats remain one of the top causes of security breaches.
Faster detection and response to insider threats helps avoid a major data breach that would put your organization at risk of making news headlines.
Keep your corporate data secure by adapting to new...
Insider threats refer to security risks caused by malicious users within a corporate network. While the term is most commonly used to describe illicit or malicious activity, it can also refer to users who unintentionally cause harm to the business. In the case of a malicious insider, the user typically is acting with...