One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 353728 |
| Date de publication | 2017-04-05 13:00:00 (vue: 2017-04-05 13:00:00) |
| Titre | Defining and Addressing the Growing Cyber Insider Threat |
| Texte |
The Cyber Insider Threat is one of the most difficult challenges for companies, organizations, and countries. It is often difficult to discover, defend and remediate because such threats can involve a combination of human behavioral elements and hardware and software technologies. Many of the threat actors are tech-savvy and are becoming increasingly sophisticated in their methods of infiltration. What Is Insider Threat – read more
The recent “Vault 7” WikiLeaks download of thousands of pages of sensitive CIA hacking tools and techniques is the latest episode of high profile insider breaches. Other noted examples include Army Pfc Chelsea Manning - 400,000 documents - Iraq War logs, 91,000 documents- Afghanistan database, Edward Snowden - 50,000 to 200,000 NSA documents, Harold Thomas Martin III NSA Contractor- 50,000 gigabytes, about 500 million documents, Home Depot data breach - 56 million credit cards, Yahoo - 1 billion accounts, and Twitter - 32 million accounts. Healthcare – 4 million patient records. Average cost of a data breach in 2016 was $4 million dollars/company (Ponemon). Global business loss in 2014 – $1.7 trillion dollars with 23% annual growth. 2016 losses could be higher than $3 trillion dollars globally (stats courtesy of Mr. Thomas Kupiec – Chief Information Security Officer – SMS and former CISO of the National Geospatial Intelligence Agency)
There are voluminous lists of breaches (see infographic), not all of them are insider breaches, but many of them can be attributed to actions from someone on the inside. These data breaches touch every vertical of society; security, healthcare, financial, transportation, and commerce.
Source for Infographic
For Chief Information Security Officers (CISOs), defending against insider threats is a biggest challenge. In fact, according to a recent SANS Survey on Insider Threats, 74% of CISOs expressed concern about employees stealing sensitive company information. In the 2016 Cyber Security Intelligence Index, IBM found that 60% of all cyber- attacks were carried out by insiders. The Verizon 2016 DBIR Report [KB2] disclosed that that 77 percent of internal breaches were deemed to be by employees, 11 percent by external actors only, 3 percent were from partners and 8 percent involved internal-external collusion which makes them hard to categorize. And according to Accenture HfS Research 69% of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders during the last 12 months.
TYPES OF INSIDER BREACHES
To understand vulnerabilities to insider threats, it is important to be able to define and categorize the types. The Information Security Forum (ISF) provides a good framework for describing insider breaches:
Malicious: Malicious insider behavior combines a motive to harm with a decision to act inappropriately. For example, keeping and turning over sensitive proprietary information to a competitor after being terminated.
Negligent: Negligent behavior can occur when people look for ways to avoid poli |
| Envoyé | Oui |
| Condensat | related “an “cybersecurity “the “vault 000 13587 200 2012 2014 2014/15 2016 2017 2017 31st 400 450 500 666 7” able about academia academy accenture access accidental accidental: according accounts act action actions activities actors address addressing adjunct administration advisor afcea affiliations afghanistan after against agencies agency alien all also analytic analyze annual anticipate anyone application approach approved are areas: arlen army assets; associated attack attacks attempted attributed audits author authorized automated availability average avoid awards aware awareness because becoming been behavior behavioral being best biggest billion blackmailed both breach breaches breaches: bring brooks business but byod can capabilities capability capitol cards cardswhat carnegie carried cases categorize category cause causes cert® certificate chairman challenge challenges chelsea chicago chief chuck chuck’s cia ciso cisos civilian classified cnp collect collusion combination combines commerce committee common companies company company’s competitor complete completely compliance comprehensive compromised comptia’s concern conduct confidentiality configuring congress continually contractor control controls corruption cost costly could countries course courtesy covering credit critical cross current cyber cybersecurity damages data database dbir decision deemed defend defending define defining definition: department department's depauw depot described describing detect detection deter determine developed device devices dhs dhs's difficult digital director directorate disclosed disclosure discover disgruntled documents dollars dollars/company download due during economics education education/training edward effective effort elements eliminating emerging employee employees emv encryption engineering engineering; enterprise episode especially establish evaluating every example examples excellence executive executives experiencing exploits expressed external eye fact faculty federal feel financial first fit focus follow former forum found foundational framework from furnish future general geospatial gigabytes global globally good government graduate growing growth hacking had hague hard hardware harm harold has have healthcare heed help hfs high higher hill home homeland hopkins how human hygiene ibm identify iii impact impede implemented implications importance important improve inaction inadvertent inappropriately incentives include includes including incorporate increase increases increasingly index industry infiltration infographic information infosec infrastructure initial initiatives: inside insider insiders institute integrity intelligence intent interest internal international introduced intrusions investigative involve involved iraq isf issued issues jan johns just kb2 keeping kupiec lack landscape last late latest law legislation legislative level likelihood likely linkedin linkedin” lists logs look loss losses lost maintain maintained makes malicious malicious: malware management manning many mapping march marketer marketing martin may mechanism mellon member members memory methods million mitigate mitigation monitored monitoring months morale more morphing most motivation motive multitude named national need negligent negligent: network networks new not noted nsa obama occur officer officers often one ones only operational operations opm opportunity order organization’s organizations other out outside over overlooked own pages part partner partners patches patient people percent permissions personnel pfc phishing physical policies policy political pollination ponemon poor portable pose potential practices; predict president prevalent prevent prevention primary prior private probability processes professional profile program proprietary protect protecting protection protocols provide provides prudent public r&d ransomware rapid react read recent recognize records reduce reflects reforms regarding re |
| Tags | |
| Stories | Yahoo |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.