A common complaint among threat intelligence analysts is the near impossibility of searching global threat intelligence feeds to find the specific threat and vulnerability information that matters to their organization. This complaint is just the tip of the iceberg. The underlying problem is the lack of visibility and...
The U.K.'s data protection regulator has fined Bupa Insurance Services £175,000 ($228,000) for failing to stop an employee from stealing 547,000 customer records, which were later offered for sale on the dark web. The ICO found that the health insurer's CRM system lacked adequate security controls.
A case involving alleged insider theft of protected health information from a hospital in New York illustrates why healthcare organizations need to take extra precautions to prevent similar incidents. Security experts offer recommendations.
There has been much speculation (not to mention exaggeration) over recent years about the fabled dark web. We've heard how this shady underworld is the refuge of the cybercriminal elite and even nation state threat actors.
But beyond the hype there is the potential for dark web sources to reveal valuable...
11 Questions to Answer Before You Invest
Threat intelligence done right gives you a window into the world of your adversary. Vendors and service providers are aiming to empower organizations by alerting them to the specific threat vectors and attacks they face, as well as how they should be prioritized for...
Having access to threat intelligence can arm you to make more
confident, risk-based decisions. However, simply having it is not
enough. 58 percent of organizations have had some kind of threat
intelligence program for at least two years, but struggle to
operationalize the intelligence efficiently - 39...
Despite increasing investment in security tools, organizations are still getting breached - and so many of those breaches, whether organizations realize it or not, are ultimately due to the human element.
The 2018 Insider Threat Intelligence Report collects findings from Dtex's User Threat Assessments across the...
When trusted insiders are accessing your valuable digital resources, you need to know who they are and what they're doing and you need to know if resources have been compromised.
Download this eBook and learn how to look for these tell-tale signs:
Theft and corruption: Insiders are behaving badly
Damaging...
When it comes to fraud prevention, many organizations overlook the insider threat - both the malicious actor who intends to commit fraud, as well as the accidental insider who makes a mistake or is taken advantage of by an external entity? The CERT Insider Threat Center at Carnegie Mellon University is one of the...
Forty-eight percent of customers drop the products and services of organizations that have had a publicly-disclosed data breach. This is but one of the findings of the new 2018 Global State of Online Digital Trust study commissioned by CA Technologies. CA's David Duncan analyzes the results.
Randy Trzeciak, director of the CERT Insider Threat Center at CMU, says he's frequently asked: "Haven't we solved the insider threat problem?" Far from it, he responds. In fact, he's helping many organizations start insider threat defense programs. He'll be a speaker at ISMG's New York Security Summit.
Better, stronger fraud-detection intelligence - that's the promise of the new 3-D Secure 2.0 protocol for digital merchants, networks and financial institutions. But what should organizations do to prepare? James Jenkins of CA Technologies weighs in.
The National Cybersecurity Center of Excellence (NCCoE) at NIST has created a series of free resources touting best industry practices that utilize the latest technology, automation and system controls to guide industry professionals through minimizing their cyber risks and identifying threats. These practices go a...
Behavioral analytics have taken the fast lane from emerging tech to mature practice.
The key element that has made behavioral analytics move so fast and become something so important to security is that the focus has been not on the technology itself but on the value it provides the enterprise, notably when being...
A Shift Toward a Human-Centric Approach to Information Security
Every IT security department's job, to protect data, has become more challenging as the security perimeter has dissolved with the adoption of cloud applications. The traditional threat-centric approach is to apply rigid policies to a dynamic...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
