ITMG Insider Threat News – July 27, 2020

The Rising Profile of The Corporate Security Executive

Leaders are forged in times of crisis. So, it’s not surprising that a rare confluence of events that includes the current pandemic and recent social unrest has given organizations’ Chief Security Officers (CSOs) and security executives an opportunity to exercise even greater leadership and mission-critical influence during these historically trying times. The economic fallout of the global pandemic, as well as the seismic rifts widening in our civil and political discourse, highlights the increasing importance of the security department. This period of heightened tension calls upon security professionals’ skills to deescalate tensions and exhibit empathy but also to protect staff, supply chains, and information.

How Florida Can Combat China’s Theft of Intellectual Property

A nation’s economic security is the foundation for its national security, writes an FBI special agent. The flag of China flies behind a security camera over the Chinese Consulate in San Francisco, Thursday, July 23, 2020. The Chinese consulate in San Francisco is harboring a Chinese researcher who the FBI says lied about her military background. A nation’s economic security serves as the foundation for its national security. Understanding this principle, the communist government of China has undertaken a relentless campaign to become the world’s economic superpower by all means possible. The Chinese government is waging a covert war against the United States as they have been steadfast in their attempts to steal our intellectual property and trade secrets. The majority of Chinese thefts have focused on two disparate arenas; American universities and private sector companies. In this venture they have been wildly successful.

Trump administration shuttered Chinese consulate in Houston due to targeting of US energy firms: sources

Houston consulate was the epicenter of research theft by China, State Department says. The Trump administration’s move to shutter the Chinese consulate in Houston was due, in part, to the Chinese Communist Party’s targeting of U.S. energy firms, Fox News has learned. Multiple intelligence sources told Fox News Thursday that one major reason the consulate closed, as opposed to other Chinese diplomatic outposts, was because the CCP was carrying out threats and intimidation tactics targeting U.S. energy firms in the South China Sea. The Chinese officials carrying this out, according to sources, were based mostly in the Houston consulate. The information comes after the State Department claimed Wednesday that the administration was closing the consulate due to increased espionage activity. The U.S. directed the closure of the consulate in Houston on Tuesday. By Wednesday, the Chinese government said that they had been instructed to do so without warning, though Sen. Marco Rubio, R-Fla., the acting chairman of the Senate Intelligence Committee, said that the move was “long overdue.”

Siemens to let staff ‘Work From Anywhere’ permanently

“These changes will also be associated with a different leadership style, one that focuses on outcomes rather than on time spent at the office,” said incoming Chief Executive Roland Busch. Siemens to let staff “Work From Anywhere” permanently where they are most productive. Siemens has decided to let its employees work from wherever they want for two or three days a week, in the latest example of how the coronavirus is making major companies re-think how and where their staff work. The Munich-based industrial software maker said its board had approved a new working model which will allow employees to work from where they are most productive, including at home or from a co-working space. “The aim is to enable employees worldwide to work on a mobile basis for an average of two or three days a week, whenever reasonable and feasible,” Siemens said in a statement. “These changes will also be associated with a different leadership style, one that focuses on outcomes rather than on time spent at the office,” said incoming Chief Executive Roland Busch.

6 Ways GCs Can Assess Insider Threat Risk

It is an understatement to say that COVID-19 has changed our day-to-day work in the past quarter and will continue to do so for the foreseeable future. With increased general stress and economic uncertainty combined with more remote work, most companies were overwhelmed with maintaining day-to-day operations running and managing company cash flow. As the COVID-19 crisis stretches from weeks to months and now possibly a year or more, how can general counsel evaluate if their enterprise employee monitoring will be effective during an extended pandemic?

Report | Employee Mistakes Cause Almost Half of Cybersecurity Issues

Staff admit that mistakes they have made at work have had cybersecurity repercussions themselves or their company. A newly-released report from security firm, Tessian, shows that 43% of workers have made cybersecurity mistakes that negatively impacted their organisation. The Psychology of Human Error report surveyed 1,000 workers in both the UK and the United States at the height of the coronavirus outbreak in April. The study revealed how stress, distraction and workplace disruption can cause people to make more mistakes at work. One-in-five companies (20%) have lost customers due to mistakenly sending an email to the wrong person – an error that most employees (58%) admitted to doing. A further 10% of workers said they had lost their job after sending an email to the wrong person.

How to Tackle Insider Threats to Enterprise Data

Twitter was amongst the first in the world to suggest remote working to beat the pandemic and it has once again emerged tops when it comes to data theft. The company confirmed that hackers used tools available to staffers to carry out an attack that compromised accounts of Barack Obama, Elon Musk, Kanye West and Bill Gates to name a few.  A survey by the Wall Street Journal Pro Research of 400 enterprises revealed that nearly three-fourth of the cybersecurity executives were concerned about employees turning rogue. The concern over the rise of insider threats is growing at a pace that’s faster than before and needs to be arrested. Of course, the survey doesn’t clarify if all of the threat is malicious or if there’s also likely to be incompetence at work.

Threat Intelligence: Secure Your Business from Insiders

Insiders remain a key threat to corporate cyber security in East Africa. The number of insider-related cyber security incidents in East Africa has increased by 55% in the last three months, as most companies lacking active monitoring of their IT infrastructure transitioned to remote work occasioned by the COVID-19 pandemic. According to Dimension Data, the sudden spike has resulted from attackers taking advantage of publicly available weak systems and most security controls designed to monitor and capture activities failing to keep up, as they are intended for traditional on-premises infrastructure. This has left security control gaps as more employees remotely connect to company resources from mobile devices and external networks. The financial services industry (FSI) remains the most targeted sector because of the immediate monetary gain.

Insider Threat: The Biggest Contributor to Cyber Attacks

In 2019, a renowned cloud hosting company fell victim to a data breach. The hacker accessed over 100 million accounts of customers and credit applications by exploiting a misconfigured web application firewall. Even though no credentials or credit card account numbers were compromised, the company’s reputation and customer trust were adversely impacted. Interestingly, the hacker came out to be a former software engineer of the company who shared its method of hacking into the company with its colleagues over a chat application. The former employee of the company even shared the method over social media platforms which, eventually became the source of “leakage”. Eventually, the case of data breach turned out to be an insider threat case. Shocking right?  Organizations often tend to overlook the ‘insider threat’ but these are the biggest contributors to the cyber attacks today. Various statistics reveal that insider threats could be employees, contractors, trusted business associates, or any that have easy access to your organization’s network. Let us guide you through everything that you must know about the insider threat.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading