ITMG Insider Threat News – June 1, 2020

Why the FBI Doesn’t Record Interviews

The FBI’s interview of former Trump national security adviser Michael Flynn about his telephone conversations with Russian Ambassador Kislyak renewed a frequent question: Why doesn’t the FBI record its interviews? After all, if a recording of Flynn’s January 2017 interview were available, and not just a heavily redacted form FD-302, there might not be such controversy about whether Flynn lied to agents about the conversation. Despite the fact that recorded interviews can be helpful, there are good reasons the FBI does not record all interviews – even though a 2014 Department of Justice policy states they should default toward recordings.

Insider threats should remain a real concern for businesses as criminals look for ‘easy access’

Recent report from the Ponemon Institute highlights this concern with business leaders more concerned about accidental insider threat than hacking. The threat of employees accidentally giving cyber criminals access to sensitive data remains a real problem for organisations. For years the old adage of employees remaining your weakest link has remained true and a recent report from the Ponemon Institute has backed this up.

Cybersecurity’s Greatest Insider Threat is in The C-Suite

84% of C-level executives say they had been targeted by at least one cyberattack in the past year, with phishing attacks again being the most common (54%). 78% of IT leaders say the C-Suite is the most likely to be targeted by phishing attacks. 76% of CEOs admit to bypassing security protocols to get something done faster, sacrificing security for speed. C-level based breaches, phishing, and fraud attempts are increasing today. Cybercriminals are learning how to impersonate executives and send e-mails asking for wire transfers, privileged access account resets, corporate credit card requests, and more, all in the CXOs’ name. With cybercriminals and bad actors fine-tuning their social engineering skills, CEOs and the C-Suite need to bolster their own cybersecurity awareness and practices.

Go Ahead, Monitor Your Remote Workers; But You’d Better Hope HR and Risk Management Get It Right

Employee monitoring software can keep your workforce accountable and productive, but it can also reduce morale and promote distrust. Consider the risks. Preventative practices have recently evolved from letting employees work from home temporarily to limit their exposure to the virus to adopting some form of working-from-home on a permanent basis. Companies like Twitter and Nationwide Mutual Insurance Company plan to continue allowing employees to work remotely after the pandemic. With that major shift, some employers are seeking technologies to assure that their employees are remaining productive amid such potential distractions, such as children clamoring for help with homework, a plumber arriving to fix a broken kitchen pipe or myriad other challenges.

70% of Organizations to Increase Cybersecurity Spending Following COVID-19 Pandemic

With coronavirus crisis creating new opportunities for cybercriminals, 70 percent of organizations are seeing the value of increasing their investments in cybersecurity solutions. According to a LearnBonds.com report, besides boosting their cybersecurity spending, as the top IT priority this year, around 55 percent of major organizations will boost their investments in automation solutions, revealed HFS Research survey conducted in April. Smart analytics, hybrid or multi-cloud and artificial intelligence follow, with 53 percent, 49 percent and 46 percent of those bodies asked naming them as their leading IT investments this year.

Insider Threat Detection with AI Using Tensorflow and RapidMiner Studio

This technical article will teach you how to pre-process data, create your own neural networks, and train and evaluate models using the US-CERT’s simulated insider threat dataset. The methods and solutions are designed for non-domain experts; particularly cyber security professionals. We will start our journey with the raw data provided by the dataset and provide examples of different pre-processing methods to get it “ready” for the AI solution to ingest. We will ultimately create models that can be re-used for additional predictions based on security events. Throughout the article, I will also point out the applicability and return on investment depending on your existing Information Security program in the enterprise.

Inside hackers’ pivot to medical espionage

A wave of cyber-spying around COVID-19 medical research is once more demonstrating the perils of treating cybersecurity as a separate, walled-off realm. Driving the news: U.S. officials recently announced an uptick in Chinese-government affiliated hackers targeting medical research and other facilities in the United States for data on a potential COVID-19 cure or effective treatments to combat the virus. Additionally, “more than a dozen countries have redeployed military and intelligence hackers to glean whatever they can about other nations’ virus responses,” reports the New York Times.

Data Security is Everyone’s Problem

The unique crisis we are battling has forced organizations globally to reassess their data protection strategies. We have seen supply chains disrupted, employees working from home in unprecedented numbers and analog systems forced online. The combination of these factors makes keeping track of sensitive data challenging.If that wasn’t enough, we’re also weathering a storm of cyber-attacks, online fraud and phishing scams, from criminals enticed by the public’s increased online presence and shift to remote working. It’s clear that data management strategies have to evolve and quickly.

Working from Home Opens Up New Data Security Threat

A new report from Tessian claims that nearly half of employees (48 percent) are less likely to follow safe data practices when working from home. The State of Data Loss Prevention 2020 report suggests that the global shift to remote working poses new security challenges for businesses and why traditional security solutions are failing to curb the problem of the insider threat and accidental data loss.

Client Alert: Protecting Intellectual Property in Remote-Based Work Settings

During the COVID-19 pandemic, teleworking has become both a requirement and a preference to facilitate a safe and healthy workplace. However, remote-based work settings may pose intentional and unintentional threats to intellectual property (IP) and other proprietary information or technology. For example, work is increasingly conducted from home office spaces, wherein easier access to IP may be given to persons (i.e., family, residents, visitors, and others in close proximity) not privy to the IP. Virtual meetings may also increase the possibility of undesired exposure to data, ideas, creations, reports, and the like that are meant to remain secret.

Security Risk from Remote Workers Is a Problem For HR As Well As IT

Human error and apathy still present a major threat to the security of data when employees are working remotely. This is despite valiant efforts from organizations to educate their workforces in cybersecurity risks, and the practices they must follow. In a recent survey carried out by Apricorn, more than half (57%) of UK IT leaders said they expect remote workers to expose their organization to the risk of a data breach, up from 44 percent in 2018. More than a third believe their remote workers simply don’t care about security.

Safeguarding COVID-19 Research, Other Intellectual Property

As cyberthreats to medical research on COVID-19 – and other intellectual property – grow, organizations must take critical steps to prevent the theft of their “innovation capital,” says Russell Koste, chief security officer at Alexion Pharmaceuticals. To help security leaders more effectively mitigate the risks, the Healthcare and Public Health Sector Coordinating Council’s Joint Cybersecurity Working Group recently issued a Health Industry Cybersecurity Protection of Innovation Capital guide. Koste is co-chair of the working group.

Enterprise Risk Management: Give Cybersecurity a Seat at the Table

COVID-19 is forcing organizations of all sizes to re-evaluate their enterprise risk management strategies. Here’s how cybersecurity leaders can help. In the midst of a global pandemic in which thousands of people are losing their lives daily and we have no idea what the next week will bring, pondering the long-term risk implications for your agency might feel overwhelming. Yet, the current situation shines a spotlight on the importance of enterprise risk management (ERM) and the related disciplines of business continuity, disaster recovery and crisis management.

How to mitigate business fraud during COVID-19

The COVID-19 global pandemic has altered the way many businesses are operating for at least the near-term. Many companies have had to shut down or limit access to offices, encourage or mandate work from home, and cancel events and gatherings. Unfortunately, one activity that impacts a huge number of businesses but is unlikely to slow during the pandemic is fraud attempts. According to the Association for Financial Professionals (AFP) 2020 Payments Fraud and Control Survey, during the past year, 81% of companies were targets of payments fraud with fraudsters utilizing everything from Business Email Compromise (BEC) to altered checks, wire transfers, corporate credit cards and employee theft.

Key risk management strategies for businesses bringing employees back to work

Across Canada, many businesses are moving to reopen as lockdown restrictions related to the coronavirus outbreak start lifting. However, there are also new risks businesses will undoubtedly encounter as a result of the pandemic that they will have to learn how to mitigate, with the guidance of insurance professionals. The first of these risks is the state of mental wellness among their employees as they ready to return to offices and other workspaces. Businesses have to take a ‘temperature check’ of how their employees are feeling before bringing people back in full force.

‘Turla’ spies have been stealing documents from foreign ministries in Eastern Europe, researchers find

A notorious group of suspected Russian hackers have used a revamped tool to spy on governments in Eastern Europe and quietly steal sensitive documents from their networks, researchers said Tuesday. The discovery shines greater light on the operations of Turla, an elite cyber-espionage group that’s been around well over a decade and is widely believed to be working on behalf of Russia’s FSB intelligence agency. It’s the latest example of Turla’s ability to write code designed to lurk on victim computers for years and extract state secrets.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading