INSIDER THREAT SECURITY BLOG

WannaCry Ransomware and GDPR 13 Months. That is the number of months (from the time of this writing) separating the #WannaCry attack from being not just a massive information security “incident” but the single largest test of the EU General Data Protection Regulation (GDPR). We are not going to focus on the WannaCry ransomware in this post though. If you’re interested in my technical breakdown, you can read my previous post. Today, I want to double-click past the malware and look at what t…

WannaCry / Wcry / WannaCrypt Ransomware A large-scale cyber attack (WannaCry ransomware) that began on May 13th has already infected over 230,000 computers in 150 countries, demanding ransom payments in 28 languages – these numbers continue to grow and given the patch for the vulnerability being exploited is only two months old, we are likely to see these numbers increase. The perpetrators of the attack are not yet known, however, the origins are. The infection vector was made “wormable…

I’m Going to Start This Blog out With a Story The other weekend my roommate and I had some company over to our apartment. It was like any other Friday night – friends chatting, music playing, and a few adult beverages being passed around. However, as we were leaving to go out to the bars, one of our guests decided it would be hilariously funny to play a little prank. Unbeknownst to me, he used the voice ordering feature on my Amazon Echo (something that I had never turned on, utilized, or co…

Active Directory Permissions The release of StealthAUDIT 8.0 delivers enhanced Active Directory (AD) Permissions analysis capabilities. This is welcome news to the over 90% of organizations that use Active Directory to control who can access their network and resources. I say welcome because there are so many different ways to grant privileged access to AD and no easy way to see all these permissions in one place with native tools. Permissions Analyzer That’s where comes StealthAUDIT for Acti…

The success of any Data Access Governance program starts with implementing a resource-based groups provisioning workflow by automating the least privilege access model. StealthAUDIT 8.0 automates the application of least privilege access control across file systems in bulk and at scale. By converting existing access control lists to a resource-based group security model and revoking excessive privileges, StealthAUDIT programmatically protects data from exfiltration and ransomware.   …

What is NYCRR 500? On March 1st, 2017, the New York State Department of Financial Services put into effect new cybersecurity requirements of its ‘covered entities’. Those entities include banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies that do business in New York. Within the next 180 days (starting from March 1st 2017), organizations must ensure they have a comprehensive Cybersecurity Pr…

In part three we discussed how no one person, organization or vendor has ‘the’ silver bullet to GDPR compliance.  What you need is an array of tools and people to address the many challenges ahead. Saying that not all technical solutions are equal in their value to a GDPR project. Given GDPR is a Data Governance project (as discussed in part two), it makes sense to leverage both technology and people with Data Governance running through their veins Stealthbits is that. Stealthbits has focu…

File System Auditing Adequately and efficiently capturing file system access and change activities can dramatically increase an organization’s ability to detect insider threats, prevent data breaches, and mitigate the damage that can be done by advanced threats like crypto ransomware. Native file system auditing functions within file repositories like Windows file servers and NAS devices like NetApp and Dell/EMC, however, are highly challenging to work with – sometimes impossible – often resu…

This is arguably the most important element in achieving GDPR compliance. No organisation can do everything independently. Even software vendors must engage with outside agencies on this one. We’re going to discuss ‘the right people’ as two categories; Internal and External. If ever there was an all hands requirement in a project, this is it. Internal Because GDPR is a compliance regulation, it’s far too easy to fall into the trap of believing this is simply a job for the InfoSec tea…