Careless and malicious insiders, overly complex IT infrastructure and having an excess of privileged users continue to pose serious risks to the integrity of corporate cybersecurity practices, says Timothy Brown of SolarWinds.
Wall Street has been hit by the twin threats of the new coronavirus as well as oil prices plummeting, with the Dow dropping 2,000 points on Monday for its worst day in 12 years. Amidst fears that a recession could tank the global economy, some experts still see upsides for the cybersecurity sector.
The latest edition of the ISMG Security Report discusses the developing definition of "Insider Risk." Plus, Former DHS Secretary Michael Chertoff on U.S. 5G rollout plans; Cloud Security Alliance on containers and microservices.
Technology has enabled a whole new wave of "accidental" insider threats - people who make a mistake or are taken advantage of by attackers. What role can technology now play in improving insider threat detection and response? Three CISOs share their insights.
As the RSA 2020 conference showcased "The Human Element," Palo Alto Networks' M.K. Palmore turned his attention to the passive insider threat - the one that intends no malicious harm, but whose actions can lead to costly breaches.
As companies continue to grapple with the challenges of insider threats, machine learning coupled with behavioral analytics can assist in predicting and detecting potential threats from employees and contractors, according to a panel of security experts at RSA 2020.
Cloud access security brokers are playing a growing role in improving visibility as more organizations rely heavily on cloud applications and more staffers gain access to them, says Sean Duca, vice president and regional chief security officer for Asia Pacific and Japan at Palo Alto Networks.
A federal judge ruled this week that the U.S. government is entitled to proceeds from Edward Snowden's memoir and his paid speeches because the former NSA contractor did not submit his materials to his former federal employers for review before publishing.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
Why try to hack Silicon Valley firms if you can buy off their employees instead? Such allegations are at the heart of a criminal complaint unsealed last week by the Justice Department, charging former Twitter employees with being Saudi agents. Experts say tech firms must hunt for employees gone rogue.
Too many organizations are still failing to prioritize mitigating the risk posed by insiders, whether they're malicious actors or model employees who make mistakes that unintentionally lead to a data breach, says Veriato's Chris Gilkes.
The latest edition of the ISMG Security Report offers an analysis of how Twitter allegedly was used to spy on critics of the Saudi Arabian government. Also featured: A preview of the new NIST Privacy Framework and an update on business email compromise attacks.
A Trend Micro employee stole and then sold contact information for 68,000 of the company's consumer subscribers, which led to a raft of unsolicited tech support scam calls, the company says. The employee has been fired. The incident highlights the risk of insider threats.
The U.S. Department of Justice has charged three men with perpetrating a campaign to infiltrate Twitter and spy on critics of the Saudi government. Two of the suspects formerly worked for Twitter, allegedly feeding details to Saudi handlers that could be used to identify and locate critics of the Saudi regime.