INSIDER THREAT SECURITY BLOG

Email, one the greatest innovations in communication since the telephone.  One could even argue that it is the most important.  The ability to have a conversation (albeit in electronic format), send vast quantities of data, and involve an unlimited number of recipients is the backbone of modern business. With each iteration, Exchange gets more and more security features. Litigation hold and classification are good examples of this.  However, as useful as they are, they don’t a…

Guys and Gals: it’s 2016. We live in a cyber age. Our lives are a heterogeneous smorgasbord of devices, operating systems, cloud storage and social media. We are virtually always online in one way or another. Even our watches are constantly connected to something. We monitor our steps, our pulse, or stocks, our friend’s social lives (although I do wonder why sometimes). It’s not just our private lives that are always online.  Hands up if you don’t check your email away from the office. …

Several lessons can be learned from the spotlight that has been turned on Mossack Fonseca. For those of you just coming up to speed on “The Panama Papers”, Mossack Fonseca became a victim of a massive data breach. I use the term victim with a grain of salt as what the papers actually revealed about the global rich, privileged, and powerful is up for discussion. The lessons learned span two key areas of how the breach occurred and what could have been done to prevent the breach. How did the br…

I know it’s so cliché, but it’s a great analogy. Trying to find the events that matter in your native file activity logs on Windows and NAS devices is like finding a needle in a haystack. These logs are so verbose, so performance-intensive, and so difficult to manage that most organizations don’t even bother with them. But, anything can be in any file. Any file can be the one that sinks you. As a result, every file equals risk. And if I’m trying to manage my risk, I want information. I wan…

A Holy Grail…. The Holy Grail of File Activity Auditing is very easily summarized with the well known 5 ‘Y’s and the ‘H’…or is it? We can discount two of these straight away: Why: The reason or sentiment behind why is virtually impossible to identify and certainly isn’t a binary, 1 or 0 thing. So let’s park this for another day. How: This is certainly something that is important to data governance, but not specifically to activity auditing. Determining open access or compro…

A few days ago I had the opportunity to attend the Evanta 2016 New York CISO Executive Summit. It was a great event, attended by leaders in information security on both the customer and vendor sides of the equation. Throughout the day, CISO’s from some of the world’s largest organizations and other thought leaders in the world of cybersecurity presented in keynote and breakout sessions, offering up their thoughts on the state of security and advice on where to focus efforts in these turbulent…

The ability to monitor file access activity across file shares residing on NAS and Windows devices represents both a tremendous gap and opportunity for organizations looking to identify threats, achieve compliance, and streamline operations. Unfortunately, most organizations can’t answer the most basic questions surrounding data activity, and it ultimately boils down to a handful of seemingly simple reasons: Volume – The volume of data is typically more than organizations can handle…

Just like every previous year, the 2016 Verizon Data Breach Investigations Report (DBIR) highlighted the same, sad fact – attackers are getting more sophisticated, the number of attacks are rising, and so are attack success rates.  Not coincidentally, the reasons for these increases come down to the same old things – poor patching processes, lack of visibility and control over critical configurations, and an inability to focus one’s limited resources on the right things. Patching? Confi…

The General Data Protection Regulation (EU GDPR) For many, April 14th will go down in history as the day the world (well, Europe anyway) woke up and realized the importance of privacy laws designed for the 21st Century. What is the EU GDPR? A directive intended to regulate the movement of personal data within the European Union and is part of the EU privacy and human rights law. It repeals Directive 95/46/EC and is intended to form a single, encompassing data protection law across all EU mem…

Just like a great piece of cake, PIM (Privileged Identity Management) has its proper ingredients too. Without the flour, is your cake really cake? Without understanding which accounts in your environment are actually privileged, are you really managing privileged identities? Certainly this is a matter of opinion, as we shouldn’t allow ourselves to operate in an all-or-nothing mindset – things don’t have to be perfect for them to be effective – but the point is that fundamentals make a differe…