• Subscribe to our feed
  • Like us on Facebook
  • Follow us on Twitter
  • Join Us on LinkedIn

Insider Threat

Presidential Memo on Insider Threat: Big Brother or Sound Policy?

by Christine Meyers 5 December 2012

Recently, an Executive Memo was released addressing the vexing issue of insider threat within departments and agencies of the federal government. This presidential memorandum,“National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs,” was issued on Nov. 21, 2012. The text of the memo is captured below: This Presidential Memorandum transmits the [...]

Read More →

3 Ways Leading Companies Reduce Risk

by Christine Meyers 9 October 2012

The business risks—financial loss, failed audits, regulatory fines, and brand damage—of insider threats to your corporate data are too devastating to ignore. Here’s how learning from industry best practices can help you prevent these threats, including fraud and information leakage, and protect your business: Demand 100% visibility so nothing gets missed Capturing data in logs [...]

Read More →

3 Types of Insider Threat and How to Spot Them

by Christine Meyers 12 September 2012

Insider threats—the most challenging for organizations to address—are often difficult to spot and pose huge risks for your organization. While many of the motivations are the same, there are three distinct types of fraudulent insiders. Read part one of our series to understand who commits fraud. Part two will focus on what to look for [...]

Read More →

Most Common HIPAA Violation? Small-Scale Snooping

by Christine Meyers 14 August 2012

Health privacy violations are lethal. They can create reputation management nightmares and generate stiff fines. Even a single HIPAA violation has serious financial consequences. The minimum fine now stands at $50,000, with a maximum penalty per year of up to $1.5 million per each provision of the rules. Since many healthcare privacy breaches involve multiple [...]

Read More →

Fraud in Government: New PWC Study Says its Getting Worse

by Christine Meyers 17 May 2012

Government agencies around the globe are at risk from within. Just as in the private sector, more error and misuse occurs from internal employees and partners and suppliers than from anyone else. A recent study from Price Waterhouse Coopers indicates that the problem may be getting worse. According to the consultancy’s latest Global Economic Crime [...]

Read More →

Cyber attacks hit gas pipelines

by Christine Meyers 9 May 2012

Technorarti Verification code: 4T9PS7PC3FNV Recent reports of sophisticated phishing attacks against natural gas pipeline operators in the United States are highly disturbing. There are approximately 200,000 miles of interstate natural gas pipelines, which supply 25% of the nation’s energy and all of these are potentially at risk. The US Department of Homeland Security has recently [...]

Read More →

Major security breaches hit healthcare

by Christine Meyers 1 May 2012

The statistics are startling: In April 2012 alone, three major security breaches that hit the Utah Department of Health (UDH), Emory Healthcare and South Carolina’s Department of Health and Human Services accounted for nearly 1.1 million records lost. And it was the work of insiders. According to an article entitled “Healthcare Unable to Keep Up [...]

Read More →

Logs Never Tell the Whole Story

by Christine Meyers 15 March 2012

Organizations seeking to understand insider activity often rely on logs to detect or trace back anomalous behavior. As enterprise applications become more distributed and encompass more complex functionality, however, the ability to force traditional logging to function as a modern fraud solution becomes untenable for three reasons: 1. Isolated log entries Like your business processes, [...]

Read More →

NIST SP 800-53 Update: Privacy and Information Security Go Hand-in-Hand

by Christine Meyers 28 February 2012

The National Institute of Standards and Technology (NIST) released its update to Special Publication 800-53 Revision 4 earlier today at the 2012 RSA Conference. The update included two new sections pertaining to insider threat and privacy. As NIST cited, it is a fundamental responsibility of federal agencies to secure information systems and safeguard against unauthorized [...]

Read More →

Anonymous shreds intelligence firm Stratfor in latest hack

by Larry Meeusen 29 December 2011

Stratfor specializes in “strategic intelligence on global business, economic, security and geopolitical affairs,” It appears Stratfor failed to encrypt any of its credit card information, despite promises “to maintain safeguards to protect the security of these servers and your personally identifiable information,” according to its privacy policy.” http://www.scmagazine.com/anonymous-shreds-intelligence-firm-stratfor-in-latest-hack/article/220781/?DCMP=EMC-SCUS_Newswire I just wonder when will corporations and [...]

Read More →

← Previous Entries