ITMG Insider Threat News August 12, 2022

5 Data Security Challenges Enterprises Face Today

Data has become the lifeblood of the enterprise, providing competitive differentiation, customer insights and product ideas. With the plummeting costs of storage, sensors and compute, the typical organization is eagerly accumulating more and more data.

But, while data brings opportunity, it can also expose enterprises to significant legal and financial liability. Organizations need to address the following five data security challenges to successfully maintain the confidentiality, integrity and availability of sensitive information.

CDSE gears up for National Insider Threat Awareness Month

First held in September 2019, the National Insider Threat Task Force (NITTF), the National Counterintelligence and Security Center (NCSC), and DCSA partnered with the FBI, the Office of the Under Secretary of Defense for Intelligence, and the Department of Homeland Security to bring together thousands of U.S. security professionals and policy makers from Government and industry, located in 25 countries around the globe, to increase awareness about the risks posed by insider threats and the role of insider threat programs.

NITAM is a great opportunity for the Insider Threat community to share best practices and lessons learned over the last year about countering Insider Threat, have meaningful discussions about emerging threats or trends, as well as remind our workforces about their roles in reporting Insider Threat indicators, said Heather Mardaga, CDSE Director.

Digital Health-Pharma Relationships Face Intellectual Property Uncertainty

As the marriage between pharma and digital health heats up, intellectual property and patent disputes over artificial intelligence and other nascent technologies could lead to a flurry of lawsuits, experts say.

Pharma is increasingly partnering with digital health companies for drug discovery, patient engagement, clinical trial automation, manufacturing and supply chain operations, and more. But experts say the lack of clear regulatory guidance over data ownership could lead to disputes in court.

Over 60% of Organizations Expose SSH to the Internet

A majority of global organizations are exposing sensitive and insecure protocols to the public internet, potentially increasing their attack surface, according to ExtraHop.

The vendor analyzed a range of enterprise IT environments to benchmark cybersecurity posture based on open ports and sensitive protocol exposure.

It found that 64% of those studied have at least one device exposing SSH, which could allow attackers to probe it for remote access.

http://www.infosecurity-magazine.com/news/over-60-organizations-expose-ssh/

Ransomware Attacks Taking Toll on Security Professionals

A third of organizations experience a ransomware attack at least once a week, with one in 10 experiencing them more than once a day, according to a new report by Menlo Security.

The report also suggested almost half of the organizations surveyed have been the victim of a successful ransomware attack in the last 18 months, with customers and prospects the most likely entry point for an attack.

GwisinLocker Ransomware Targets Linux Systems in South Korea

In the document, the company claimed GwisinLocker is a new malware variant created by a previously little-known threat actor (TA) called “Gwisin” (a Korean term for ‘ghost’ or ‘spirit’).

“In communications with its victims, the Gwisin group claims to have deep knowledge of their network and claim that they exfiltrated data with which to extort the company,” ReversingLabs said.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading