Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Browsed By
Category: Uncategorized

Open Access (Part 1): An Open Bar

Jeff Hill
There’s a reason Mom and Dad put the liquor in a locked cabinet when my sister and I entered our teenage years. They could make rules, policies, and even threaten discipline, but nothing beats a physical obstacle to enhance security. With some effort and increased risk, we could break into the cabinet, but it made our lives much more difficult. An “open share” on a corporate network is like an open bar, and the bad guys and rogue employees – like teenagers – have a tendency to ignore rules, p…

The Wrong Tool for the Job (Rapidly Evolving Data Breach Law – Part 2 of 2…maybe 3)

Jeff Hill
Two years ago, I met a relative of a friend at a Thanksgiving dinner party. He was a prominent plaintiff’s attorney at a NJ law firm one might recognize from their personal injury commercials; my friend told me previously that he’d done quite well for himself over the years. At my urging – I get bored quickly at formal dinner parties and constantly search for a distraction – he told me about a case he was working on. A couple parked their car in a parking garage and went to dinner. Upon their…

Rapidly Evolving Data Breach Law – Part 1 of 2

Jeff Hill
The raft of enterprise data breaches over the past few years has prompted rapid evolution in Infosec technology, enterprise security philosophy, and has amplified the strategic importance of cybersecurity among corporate leadership. All good stuff. But, as every silver lining has a cloud, and, since we live in the most litigious nation on the planet, it should surprise no one that the legal community smells blood in the water. Given this reality, I thought it might make sense to explore th…

Hacking Class is Now in Session

Whoever said crime doesn’t pay wasn’t thinking out-of-the-box, or hasn’t met Ivan Turchynov, the purported leader of a Ukrainian hacking ring recently cracked by US Federal investigators and reported in the Washington Post on August 11th. Apparently, the hackers worked with equity traders to generate upwards of $100MM in profits since 2010 by trading on stolen insider information. Stealing 150,000 corporate press releases before they were public, they were able to accurately predict stock …

Location, Location, Location

User behavior analytics (UBA). If it’s not the hottest buzz word in the InfoSec world today, it’s definitely challenging for the top spot. Identifying a security threat, either external or internal, based on activities that vary from a normal pattern is all the rage, and without question, can be a valuable tool in the battle against security threats. Why is John accessing that file share repeatedly this week and copying so many documents? He rarely visits that server, and never copies 30 file…

Access Control

Aspirational versus Actual: it has been a mantra of mine for some time; an epiphany, if you can call final realization of the obvious an epiphany. This dichotomy is the root which bears the symptoms of the IRS, Target, Chase, Sony, Home Depot, etc. Our strategies, controls, energies, discussions, and tools are all predicated on an Aspirational understanding of our battlefield. We Believe that our network is built to match that pretty Visio diagram, that our applications will work just…

The Icing on the Cake

I was thinking over the weekend about last week’s breach of the UCLA Health System and subsequent theft of 4.5 million medical records. Hackers know that medical records can fetch 10 times the dollars that a stolen credit card can, and that makes sense when you think about it. Cancelling or changing your credit card number takes one phone call to your credit card company’s 1-800 number, and with the advent of credit card fraud detection software – that phone call/email you get from your CC co…

Travel Time

I spent a lot of time in June flying about to customers, prospects, and partners. Much more than usual, in fact, and while there were some cool and not-so-cool places on the itinerary, across the board it was interesting to meet folks in different parts of the world. A big part of my job here at STEALTHbits is to talk to people. Sometimes I’m convincing them how cool our products are, sometimes I’m training them on how to use the products, and sometimes I’m trying to learn from them what the…

Cutting the Bad Guys off at the Pass

I spent part of my Father’s Day weekend as a quintessential dad: lying on the couch watching “300”, the fictional portrayal of the Battle of Thermopylae, where – in the movie – a force of 300 elite Spartan warriors held off a massive Persian army by forcing the Persians to pass through a narrow canyon road to effect their invasion of Greece. The pass at Thermopylae was the smart place to fight the Persians since the bad guys – at least as portrayed in the movie – had no choice but to pass through…

The Best Offense is a Great Defense

I’ve been a sports fan all my life. If you’re into sports tactics at all, you know a common offensive scheme in virtually any sport is to spatially spread out the opposing team’s defense. Why? It creates space to maneuver, opening up options for attack that just aren’t there when everyone is bunched up in a group. However, the best defenses limit the offense’s ability to spread the field/court/pitch (what have you) with matchups. Matchups essentially render certain forms of attack useless, wh…

© 2022 Stealthbits Technologies, Inc.