• Subscribe to our feed
  • Like us on Facebook
  • Follow us on Twitter
  • Join Us on LinkedIn

Fraud in Government: New PWC Study Says its Getting Worse

by Christine Meyers 17 May 2012

Government agencies around the globe are at risk from within. Just as in the private sector, more error and misuse occurs from internal employees and partners and suppliers than from anyone else. A recent study from Price Waterhouse Coopers indicates that the problem may be getting worse. According to the consultancy’s latest Global Economic Crime [...]

Read More →

Cyber attacks hit gas pipelines

by Christine Meyers 9 May 2012

Recent reports of sophisticated phishing attacks against natural gas pipeline operators in the United States are highly disturbing. There are approximately 200,000 miles of interstate natural gas pipelines, which supply 25% of the nation’s energy and all of these are potentially at risk. The US Department of Homeland Security has recently disclosed that they have [...]

Read More →

Major security breaches hit healthcare

by Christine Meyers 1 May 2012

The statistics are startling: In April 2012 alone, three major security breaches that hit the Utah Department of Health (UDH), Emory Healthcare and South Carolina’s Department of Health and Human Services accounted for nearly 1.1 million records lost. And it was the work of insiders. According to an article entitled “Healthcare Unable to Keep Up [...]

Read More →

Logs Never Tell the Whole Story

by Christine Meyers 15 March 2012

Organizations seeking to understand insider activity often rely on logs to detect or trace back anomalous behavior. As enterprise applications become more distributed and encompass more complex functionality, however, the ability to force traditional logging to function as a modern fraud solution becomes untenable for three reasons: 1. Isolated log entries Like your business processes, [...]

Read More →

NIST SP 800-53 Update: Privacy and Information Security Go Hand-in-Hand

by Christine Meyers 28 February 2012

The National Institute of Standards and Technology (NIST) released its update to Special Publication 800-53 Revision 4 earlier today at the 2012 RSA Conference. The update included two new sections pertaining to insider threat and privacy. As NIST cited, it is a fundamental responsibility of federal agencies to secure information systems and safeguard against unauthorized [...]

Read More →

Proposed NIST Guidelines Call for Continuous Monitoring to Control Risk

by Christine Meyers 2 February 2012

The National Institute of Standards and Technology (NIST) released its proposed guidelines last week, which call for organizations to develop capabilities for continuous monitoring and enterprise-wide tracking of information to better measure the effectiveness of security policies and calculate risk of fraudulent activity. This is a forward-thinking approach by NIST, and we believe this is [...]

Read More →

Anonymous shreds intelligence firm Stratfor in latest hack

by Larry Meeusen 29 December 2011

Stratfor specializes in “strategic intelligence on global business, economic, security and geopolitical affairs,” It appears Stratfor failed to encrypt any of its credit card information, despite promises “to maintain safeguards to protect the security of these servers and your personally identifiable information,” according to its privacy policy.” http://www.scmagazine.com/anonymous-shreds-intelligence-firm-stratfor-in-latest-hack/article/220781/?DCMP=EMC-SCUS_Newswire I just wonder when will corporations and [...]

Read More →

The Costs of Insider Fraud

by Christine Meyers 21 December 2011

Information technology moves fast. Recent advances have led to streamlined business operations and innovative products and services. They have also opened up new avenues for fraud. Breach announcements disclosing information leaks and theft of privacy data are so commonplace, many of us turn a deaf ear to them and a blind eye to the underlying vulnerabilities they [...]

Read More →

The Importance of Continuous Monitoring in Healthcare

by Christine Meyers 23 November 2011

Today’s next generation of fraud detection technologies can go a long way to supporting a HIPAA HITECH compliance effort and prevent privacy violations, misuse and abuse. Simply put, these systems provide visibility across multiple data channels to offer a comprehensive view of what is going on in your environment. Leading solutions offer screen-by-screen replay of [...]

Read More →

4 Kinds of Enterprise Fraud (And How to Prevent Them)

by Christine Meyers 10 November 2011

Enterprise fraud and workplace policy abuse come in many forms, and every business is at risk.  Unfortunately, it’s not always obvious when workplace fraud occurs. Perpetrators are often insiders – long-time employees or trusted staff members who have access to sensitive information.  The very idea that these people would cheat you can be hard to [...]

Read More →

← Previous Entries