ITMG Insider Threat News – August 17, 2020


Security Officers Now Require a More Comprehensive Insider Threat Solution

COVID-19 has initiated a whole new host of cybersecurity threats. Twitter was one of the latest victims, its employees allegedly being targeted so that hackers could take over the accounts of certain verified users. And just before that, a June 25 story in The New York Times detailed the way in which a foreign entity is attempting to infiltrate American business by taking advantage of remote employees whose organizations – more than 400 million worldwide – use virtual private networks (VPNs). This should be a wake-up call – especially for cybersecurity officers. What were once considered sufficient safeguards to keep sensitive information secure are now beginning to prove insufficient in this world of remote work.

How Can Your Security Team Assess and Investigate Potential Insider Threats More Quickly?

To put your security team in a position for success and protect your organization, it’s important to put processes in place to help your team assess and investigate potential insider threats quickly. Speed is of the utmost importance when it comes to the investigation of potential insider threats to your company. It not only saves your organization money from potential damages as a result of a breach, but it also saves man-hours which can be allocated to other projects or to shore up defenses in other ways. However, learning how to optimize your assessment and investigation processes is a significant challenge in itself, and it’s easy for a team to fall back on tried and true techniques regardless of their efficiency – or even their effectiveness. Here’s a closer look at some best practices you should be promoting within your insider risk management team to assess and investigate potential threats more quickly.

From WarGames to Terms of Service: How the Supreme Court’s Review of Computer Fraud Abuse Act Will Impact Your Trade Secrets

The Computer Fraud and Abuse Act (“CFAA”) is the embodiment of Congress’s first attempt to draft laws criminalizing computer hacking. It is rumored that the Act was influenced by the 1983 movie WarGames[1], in which a teenager unintentionally starts a countdown to World War III when he hacks into a military supercomputer. The law as originally drafted was aimed at hackers who use computers to gain unauthorized access to government computers. But Congress has amended it numerous times over the years, drastically expanding it to cover unauthorized access of any computer “used in or affecting interstate or foreign commerce or communication,” as well as a variety of other illicit computer activities such as committing fraud using a computer, trafficking in passwords, and damaging computer systems such as through a virus.

Walker Spy Case Remains Legendary 35 Years Later

Joe Wolfinger led the Norfolk FBI squad that cracked the Cold War-era Walker spy ring — one of the most notorious cases of espionage in the nation’s history. That was 35 years ago, but when Wolfinger showed up last month at FBI headquarters to share his memories with a reporter, his presence drew staff like moths to flame. The interview turned into an all-ears gathering of fans — agents, analysts, supervisors — who settled into chairs to soak up his every word. One of them, Laura Harper, explained why: “Agents love to hear about any case from the past but this one is a legend.” She tilted her head toward the silver-haired Wolfinger: “He’s a legend.” For the Norfolk FBI, the Walker case remains their Olympic medal: The biggest leak ever of classified Navy documents stopped by one of the bureau’s smallest field offices.

4 Ways to Protect ePHI Beyond HIPAA Compliance

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of personally identifiable information offers a higher value on the Dark Web. HIPAA compliance, specifically its Security Rule, establishes standards for protecting individuals’ electronic personal health information and provides administrative, physical, and technical safeguards. HIPAA’s Security Rule dovetails nicely with IT security best practices. Former Acting Deputy Director for HIPAA at the Department of Health and Human Services (HHS), Iliana L. Peters, shares four ways to protect data security and patient safety that go beyond check-the-box HIPAA compliance.

N. Korea Uses Cloned LinkedIn Accounts on the Espionage Battleground

Once again, LinkedIn is the battleground for nation state espionage operations. Every counterintelligence and insider threat professional should be paying attention. According to Israeli research entity ClearSky, the North Koreans targeted defense professionals (Israeli and other nationalities) by posing as senior U.S. and European defense industry professionals. The cybersecurity firm released their report, “Operation Dream Job” on August 13. The entity conducting the cyber attack has been identified as the “Lazarus Group” (aka Hidden Cobra).

A Holistic View of Organisational Security

The finance sector is typically more developed than others when it comes to implementing security measures. This is partly due to it being targeted by a diverse range of threat actors who are some of the most advanced, and also because the threat is so great – even the smallest breach has the potential for significant impact monetarily, or on market reputation, perception or confidence. Ideally, an organisation’s critical assets should be surrounded by layer upon layer of security measures, all working together so that if one layer is removed or breached, the business’ most valuable assets are not compromised. Too often, however, organisations take a siloed approach to security – viewing physical, cyber and personnel security as separate entities, where in fact they are more inter-related than many imagine.

The Importance of Endpoint Security

Are your organization’s endpoints secure? That’s the question keeping more than a few CISOs up at night—and with good reason. In 2019, according to the IDC, 70% of successful breaches originated on the endpoint. Today’s business is mobile, with people becoming the new perimeter. As organizations expand and more employees work remotely, the number of vulnerable endpoints grows. Centralized solutions no longer protect networks, and organizations must embrace multi-layered endpoint security solutions or face a greater risk exposure to costly breaches. In this article, we will discuss endpoint security and why it’s critical to your organization’s overall security in today’s threat environment.
