ITMG Insider Threat News – May 19, 2022

Why Data Protection is the First Step to Mitigating Insider Risk

Much is written about the corporate threat from shadowy remote hackers. A cybercrime economy worth trillions has certainly made this disparate bunch of financially motivated threat actors a major force to be reckoned with. But the biggest risk to corporate data and cybersecurity may in fact be closer to home.

New research reveals the nature and extent of this risk: a combination of naivety and negligence worsened by the trend for home working. When insider threats like this come knocking, protecting the data itself, wherever it is located, would seem the natural place to begin risk mitigation.

Privacy Makes all the Difference: Insider Risk Management and Insider Threat Surveillance

As insider risks, whether born from negligence, external intimidation, or true malicious internal threats, grow, organizations need to take steps to identify and eliminate these threats. In a previous post we discussed two competing approaches: Insider Risk Management and Insider Threat Surveillance. We promised to examine more closely seven core capabilities required for combatting insider risk. This post will drill down on privacy.

How to Set Up a Powerful Insider Threat Program

Security spend continues to focus on external threats despite threats often coming from within the organization. A recent Imperva report (by Forrester Research) found only 18 percent prioritized spend on a dedicated insider threat program (ITP) compared to 25 percent focused on external threat intelligence.

And it’s not just the employee with a grudge you need to worry – most insider incidents are non-malicious in nature. In its 2022 Cost of Insider Threats Global Report, Proofpoint and the Ponemon Institute found careless or negligent behavior accounted for 56 percent of all incidents and these also tend to be the most costly, with the average clean-up operation costing $6.6m.

Security Becomes Top Concern for FSI Leaders as Cyber Attacks Become More Sophisticated

In the finance sector, security has become a top-of-mind issue for business leaders as the number of cyberattacks skyrockets and campaigns become more sophisticated.

This is according to findings from a new survey conducted by cloud computing firm VMware. The study, which polled 130 financial sector security leaders, found that top executives and decision makers in the finance industry are aware of the rapidly evolving cyberthreat landscape and recognizing the need to put more resources and effort to keep up with these changes, with the majority of respondents planning to increase their security budget by 20-30% this year.

Employee of Engineering Firm Booked for ‘Corporate Espionage’

The Ahmedabad Cyber Crime Cell has booked an employee of AIA Engineering Limited, a giant in high chromium wear castings, for alleged corporate espionage by divulging secret research and development (R&D) material to a rival company.

According to police, an FIR was lodged against Rajnikant Patel, deputy manager at “Heat Department” of AIA Engineering, an Ahmedabad-based company for allegedly sending confidential documents related to R&D related to heat treatment to a rival company of AIA Engineering based in Jamshedpur of Jharkhand.

US-Israeli Cyber Firm Uncovers ‘Massive’ Chinese-Backed Industrial Espionage Ring

Cybereason, which is headquartered in Boston with offices in Tel Aviv, London, and Tokyo, said the group employed sophisticated methods and worked in an elusive manner to target technology and manufacturing companies in the US, Europe, and Asia and steal sensitive proprietary information.

Assaf Dahan, senior director and head of threat research at Cybereason, told The Times of Israel that the ring, known as the Winnti Group (and also tracked as APT41, Blackfly and Barium in cybersecurity circles) was “one of the most prolific and industrious groups in the cyber threat landscape,” and is known to operate on behalf of Chinese state interests.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading