INSIDER THREAT SECURITY BLOG

The IRS Get Transcript data leak is evidence of just how complex security at large scales can be. By now I’m sure you’ve heard that at least 100,000 US tax payer’s IRS transcript data has been stolen, and up to 200,000 (possibly many more) were attempted to be stolen. With all the breaches in the news, it’s easy to assume this is just another example of poor security at an organization leading to the bad guys finding a way in. This case isn’t so cut and dry. This time the bad guys didn’t kick…

Last week I was lucky enough to attend a small room presentation by Joshua S. Bloom. He went through a tour de force in data science. He had to figure out a lot of this not because of the trendy big data problems and approaches that we see in just about every new vendor that pops up in the security space, but because he had so much data flowing in from telescopes and other apparatus that doing good data science was his only defense. He’s translated that learning into a company focused on harn…

In recent times, cyber criminals have been responsible for a number of Advanced Persistent Threat (APT) attacks. This type of cyber attack often comes from well-coordinated and funded individuals having very specific objectives; in fact, they are often directed at business and political targets. What makes APT attacks different from any other cyber offense is the scope, as they exploit vulnerabilities not to disrupt systems but, mostly, to collect sensitive data. The Department of Homeland…

I feel better when I exercise. I’d probably do it even if it weren’t really good for my health. Really. But, a nice by-product of my “indulging” in a good Stairmaster workout is improved health. My desire to feel better drives me to exercise, not because I know it’s good for me. Conversely, I know friends who exercise only because they know they have to, and they’re miserable. They do it because their Doctor said so, but they’re not happy about. There was a time, not long ago, when IT Depa…

The Analytics Buzz It’s an exciting time! The IT security industry is buzzing with vendors talking analytics as the solution to a never ending cat-and-mouse game of “catch the bad guy.” The idea is that analytics puts a combination of the brains and horsepower in the box. Massive amounts of activity data coupled with super computing power has the potential to detect and highlight anomalies. And these anomalies will supposedly illuminate the bad guy like a spotlight in a prison camp. His…

If you didn’t make it to the RSA Conference this year, you missed the largest, maddest security event I’ve ever seen. With reports of 33,000 attendees and nearly 40,000 people including exhibitors and others, the Moscone center was bursting at the seams with security professionals. I kept up my streak of not making it to a single session. Meeting with customers, technology partners, consulting and MSP partners, as well as a string of press and analysts took up every moment of the day and nigh…

It seems like everyone I talk to right now is wondering what in the world they’re going to do about their file problem. I was working with a small hospital group, they’ve merged together 6 or 7 hospitals and they’re looking to acquire more. Their biggest challenge: “Where are all of the sensitive HIPAA files located?” Not “Hey, what about different domain schemas?” or “What applications are they running?” or even “Hey, what kind of hardware am I going to need?” Their biggest problem: “Where …

Though the RSA Conference is a little later this year than past ones, it still feels like a rush now that we’re almost there. We’ve got a lot of things to do and we’re planning on literally the biggest presence we’ve ever had. Yes, I know how to use the word literally; I’m talking about moving on up to a bigger booth. That means the lines you may have had to talk to folks will be shorter. We’re also going to have a small meeting space built into the booth. That means a place to sit and have t…

Had the chance to speak with a senior member of the security team at a large entertainment company this week about some of their challenges regarding access management. The conversation immediately turned to his issues with provisioning, “onboarding and offboarding” as he referred to it each time. I thought that meant we would be referring him to one of our partners in the identity management world, and quickly turning ourselves into a supporting player. I was wrong. They have a system in pla…

I don’t make my kids clean their rooms just to facilitate harmonious feng shui. They’re busy tirelessly mining through millions of Legos and, when scooping up all those pieces seems overwhelming or uninteresting, I try to explain why. An organized room is a healthier – and safer – place to play. There’s a clear parallel here with AD: a clean Active Directory is a healthy Active Directory. The health of AD affects the well-being of other applications and systems. For example: how long can you…