ITMG Insider Threat News – January 5, 2022

How Do I Reduce the Risk of an Insider Threat?

Having a framework to provide the least level of access (a core tenet of the best zero-trust models) is a good start to reducing the risk of an insider threat. A lot of organizations give excessive access to employees because it’s the easier thing to do. For example, they may copy access controls from employee to employee. So, when Kelly got hired into the marketing department, he was given a set level of access controls. Then Sam got hired into a similar role and the access controls were copied — but a short time later, Sam moved into a new department, then into a more senior role. Charlie was hired to backfill Sam’s role and was given the same permissions as Sam, because copying the access controls is easier, but certainly not less risky.

Healthcare Cybersecurity: Threats and Mitigation

Threat actors find healthcare organizations an attractive target because they store highly sensitive, personally identifiable information (PII) about their members/patients. These include names, addresses, dates of birth or death, social security numbers (SSNs), health insurance identification numbers (HINs) and account numbers representing payment instruments like credit card details. These, combined with demographic data, provide enough information for healthcare cyber-threat actors to steal identities or commit healthcare fraud. Additionally, personal information about one’s health and relevant records makes it an attractive option for cyber-criminals as it has an underground market value.

An Intellectual Property World Defining and Protecting Rights

Intellectual property, or IP, is everywhere. From websites, client lists and software to the recipe of the sodas a company serves in its breakroom. Businesses deal in intellectual property whether they know it or not. Fueled by technology, intellectual property is a growing field and one that’s being added to regularly. With its direct impact on businesses, knowing how to protect intellectual property and not violate the rights of others, has never been more important in today’s intellectual property world.

Business Strategies to Protect Trade Secret and Confidential Information

Many businesses’ value is derived primarily from their intangible assets, including patents, copyrights, trademarks, domain names, and trade secrets. Entrepreneurs are frequently proactive in obtaining patents, copyrights, and trademarks to ensure long-term success. However, entrepreneurs need to struggle constantly to safeguard the trade secrets and confidential information of their business. A trade secret is any business technique or procedure that is largely unknown outside of the company. Trade secret information provides a business with a competitive edge over its rivals. A business must make a reasonable attempt to protect the knowledge from the public to qualify as a secret under applicable law. A company must make a reasonable attempt to hide the ability from the public; the secret must have inherent economic worth, and the secret must include information.

Why Manufacturing IP is So Susceptible to Cyber Theft

While electronic theft of intellectual property (IP) has been happening for a long time, it got people’s attention when it was discovered that hackers were going after the formulas for the COVID-19 vaccines.  After all, why spend billions of dollars developing a vaccine, especially if you don’t have the experience or facilities, when you can just steal it?

Many of these attacks are initiated by foreign powers or their proxies in the hacker community.  The biggest state sponsors of IP theft include China, Russia, Iran, and North Korea.  These countries are known to be targeting the COVID-19 vaccines so they can quickly provide them to their citizens and allies.

However, there is also industrial espionage going on between companies.  Companies may hire hackers, or use their own employees, to break into a competitor’s systems to obtain IP or trade secrets.  The level of success they have is questionable, because neither the attacker nor the victim wants to draw attention to it.  It simply provides negative publicity for both.

Getting Started with Threat-Informed Security Programs

Organizations that don’t fully understand the current cybersecurity threat landscape can find it difficult to figure out the right course of action, let alone building robust security programs.

The challenges are amplified when people put money against cybersecurity initiatives without understanding the threats they are dealing with or what problem they are trying to solve, Michael Speca, president at security services company Ardalyst, said during the Mandiant Cyber Defense Summit earlier this fall. Security leaders should rethink common cybersecurity myths and re-evaluate how cybersecurity fits in their current risk mitigation approaches, he suggested.

“There are too many choices, all overwhelming and making either grandiose promises, or narrowly-focused, inapplicable options – that’s a recipe for really not knowing what to do,” Speca said.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading