ITMG Insider Threat News – October 19, 2020

itmgnews101920

71% Of Healthcare Organizations Are More Concerned About Insider Threats Now Than Before The Pandemic

Netwrix report reveals that concern about the risks of data theft by employees and IT admin mistakes has soared since the pandemic. Netwrix conducted this online survey in June 2020 to understand how the pandemic and ensuing work-from-home initiatives changed the IT risk landscape. Because healthcare organizations are on the front line of the battle to contain COVID-19, they had to revise their cybersecurity priorities more quickly than perhaps any other vertical market. Pre-pandemic, they were mostly concerned about employees accidently sharing sensitive data (88%) and rogue admins (80%); today they are worried about phishing (87%), admin mistakes (71%) and data theft by employees (71%). As it turns out, their perceptions of risk are both founded and unfounded. They are correct to be concerned about phishing and IT staff errors, since those types of incidents were experienced by 37% and 39% of respondents, respectively, during the first few months of the pandemic. However, even though 37% suffered improper data sharing, concern about this risk plummeted by 32 percentage points since the pandemic began.

How Do You Start Preventing Potential Insider Threat Incidents?

It falls on everybody at an organization to prevent insider threat incidents. Here’s how you can start. Now more than ever, businesses and organizations need to take insider threats seriously and develop strategies to help them deal with it. Detection and investigation are two facets of this process that are obviously very important. You need these in order to protect your data, applications, and infrastructure and gather information when an incident occurs. But don’t discount the payoff that can result from developing insider threat prevention strategies alongside them. By preventing an incident from happening in the first place, you can do a great deal to help your organization. So how do you start?

The cost of an unsecure remote environment to your organization? $5 to 10M

Businesses around the U.S. have experienced a significant and correlating spike in cyberattacks since remote work began in early 2020. Cybersecurity in the Remote Work Era: A Global Risk Report, sponsored by Keeper Security and conducted by The Ponemon Institute, surfaced and examined the most pertinent new challenges organizations today face in preventing, detecting and containing cybersecurity attacks in the colloquial “new normal.” 63% of U.S. companies have seen an increase in phishing/social engineering during the pandemic; 52% noted a jump in credential theft and 50% reported a rise in incidences of account takeover. Damages or theft to IT infrastructure cost 41% of U.S. businesses to lose $5 million to $10 million or more in the last year.

Stopping the insider threat: FBI releases a video for CSOs

The FBI and the Office of the Director of National Intelligence’s (ODNI) National Counterintelligence and Security Center (NCSC) have produced and released a 30-minute movie, inspired by true events, called “The Nevernight Connection.” The movie details the fictional account of a former U.S. Intelligence Community official targeted by foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information. This movie aims to increase awareness of how foreign intelligence entities use fake profiles and other forms of deception on social media platforms to target individuals in government, business, and academic communities for recruitment and information gathering.

Ransomware: Once you’ve been hit your business is never the same again

In additional to financial costs and reputational damage, a ransomware attack can also lower the confidence of your information security team, too. Getting hit with a ransomware attack damages an organisation in many ways – from stopping it being able to fully operate for weeks, to angry customers and potential reputational damage. But a ransomware attack also has a human cost, affecting the confidence of IT and information security teams – and potentially for a long time after the initial attack. A new research paper by cybersecurity company Sophos says the extent of this confidence hit is so significant that the culture at these companies is never the same again. That’s perhaps not surprising as there are some suggestions that suffering a major attack can make your organisation more likely to be hit again because criminals will identify it as a company that could be an easy target.

Dealing with the Full Spectrum of Cyber Threats

It’s hard dealing with the full spectrum of cyber threats. The threat landscape is constantly evolving and, to further compound the challenge of defending our enterprises, we continue to roll out new technologies and extend security boundaries into the cloud and Work From Home environments to support the “new COVID normal” and our digital transformation initiatives. The bottom line here is that threats continue to evolve, and our environments are getting more complex and harder to defend. So, what can be done to better defend our enterprises against the full spectrum of cyber threats in this constantly shifting environment? I intentionally used a pretty open-ended statement of “full spectrum cyber threats” to characterize threat because in reality we need to be prepared to rapidly respond to whatever the attackers throw at us. This could include continually evolving Phishing and Ransomware threats from cyber criminals, sophisticated and stealthy attacks from nation state attackers, insider threat, exposure through 3rd party partners, supply chain threat, and a whole host of other things. The key to defending against all these threats is early detection and validation of anomalous activity to allow us to identify adversary Indicators of Compromise (IOCs) and stop the adversary before significant damage is done. This sounds easy but as we all know it is extremely difficult to pull off. This blog post will lean a little more into my federal background and experience (spoiler alert – I’m a huge fan of automation, Big Data analytics, and Machine Learning) but the takeaway remains the same for both private and public sectors – traditional reactive based defenses are insufficient to protect us against the full spectrum of cyber threats and need to be augmented with proactive security capabilities.

Insider Threats: How to Spot Them and Stop Them

One of cybersecurity’s most daunting hurdles is recognizing and stopping insider threats. Employees don’t need to hack in, they already have access to systems from within, so it’s a matter of copying the data and not hacking in to get it. Defending against this vulnerability is a must for organizations, and it often requires organizations to change their mindset concerning access and access control regarding resources and data to improve security. Simply put, an insider threat or risk is often posed by employees or contractors who bring a risk of fraudulent activity or data breach from within the organization, and that has the potential to endanger the organization. This threat could be deliberate — to cause harm, however, could also be accidental. Nonetheless, it being an accident does not reduce the resultant impact. The threat could target certain sensitive information, programs, or operations, disclose intelligence, or target and harm a particular person or particular organization.

Boston Private Releases Survey on Threats to Family Offices

Boston Private, a leading provider of integrated wealth management, trust and banking services, today released a proprietary report titled “ Surveying the Risk and Threat Landscape to Family Offices,” which explores the increasingly complex threats that family offices face and offers actionable data to improve risk management processes. The full report can be accessed here. Wealthy families and family offices have long been targets for various threats, but the variety and complexity of those threats are growing dramatically. The complexity, paired with a lack of data and intelligence specific to the audience, often prevents family office executives from adequately identifying and managing risk. With responses from 200 executives at single and multi-family offices, the report offers rare insight into the mindset of family offices as it relates to risk management, alongside a comprehensive overview of the risk landscape, including: A need for better insider threat procedures: Eight-in-ten (81%) family offices do not conduct periodic background checks on personnel.

Remote, Hybrid Work Need Better Data Security

2020 is a uniquely transformative year. Prompted by a global pandemic, we’ve been forced to change many things about how we live, work and relate. For most businesses, this means a rapid and comprehensive shift toward remote work. While more than half of all employees participated in a rapid transition to remote work, it’s clear that this is more than just a temporary change. According to a June survey by PwC, 83% of employees want to work from home at least once a week and 55% want to continue working remotely even after the pandemic subsides. As companies look to cut costs, reduce turnover and maximize growth potential, it’s clear that telework will play a central role in both the present and future of work. While remote work comes with many benefits, it also presents several unique cybersecurity challenges. By now, the costs and consequences of a data breach or cybersecurity event are well-documented, and they threaten to undermine the benefits of this new work arrangement. Fortunately, companies aren’t powerless in this regard. By taking steps to mitigate the most potent threats, they can minimize risk and maximize opportunity during this transformative moment.

Communicate With Confidence Through A Cyber Crisis

Data breach. Ransomware. Insider threat. Disinformation. Misinformation. Social media manipulation. For communications and marketing professionals, these are just a handful of the things that keep us up at night. It’s no longer if, but when your organization will fall victim to a digital assault. According to research from the University of Maryland, hackers probe a network every 39 seconds, on average 2,244 times a day. The digital world, which we are nearly dependent on, is full of nefarious actors that do not care about your organization, its mission statement or its reputation. Communications professionals need to be familiar with information security, its risks and how to respond to a crisis. And they also need to understand the tactics to prevent one. This involves helping executives make the proper cybersecurity decisions to protect the brand’s reputation and bottom line. October marks National Cybersecurity Awareness Month. Each year, the National Cyber Security Alliance, in collaboration with the U.S. Department of Homeland Security, establishes a theme and resources to help bring cybersecurity awareness to the masses. The 2020 theme is “Do Your Part. #BeCyberSmart.” In support of this theme, here are four ways communications teams can do their part to prepare for and navigate their organization through a cyber incident.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading