Cybersecurity & Espionage Articles
0 Comments
Original Post at Business Insider
Forever a student "polishing the stone" (dan ryun). Always try to get better at your craft from the technical aspects to your leadership skills. Original article at RedCanary.com
#1 Beware the insider threat!This would have been have been a pretty short movie if the First Order had an insider threat detection system combined with a working security re-education program. They did a good job detecting anomalous behaviour (a Stormtrooper not shooting civilians, taking his helmet off), but their re-education failed. Security education of a malicious insider is worthless – if they don’t believe in your mission, they are a continual risk. We’ve long espoused the power of user behavioural detection using detailed endpoint data to identify both malicious insiders and the “accidental insider threat” that endangers your business through ignorance or carelessness. Security awareness training is important, but it only works when your users care about your business. Original Post on GovInfoSecurity.com
Privacy attorney Ron Raether, of the law firm Troutman and Sanders, points out: "Companies need to have technical, administrative and physical controls appropriate to the sensitivity of the data and role of the employee. ... In the end, while we can blame the employee as being the weakest link, it is up to companies to evolve and adjust to new and persistent threats." The Reid Technique of Interviewing would probably categorize this as 'Projecting' the blame of the crime onto the victim (www.reid.com). Original Post at Fortune.com
One stark example of the difficulty of prosecuting international cyber espionage is the plight of AMSC...Sinovel reportedly convinced an AMSC engineer to misappropriate code from Wisconsin, decrypt it in Austria, and email it to China. AMSC did not promptly detect the IT breach...[and]...By the time they launched an investigation, contacted the FBI, and obtained an indictment, counterfeit copies of their software had already been sold back into the U.S. in Sinovel’s products. AMSC’s stock has since fallen from $370 / share to $5 / share. Original Post at Softpedia.com
41% of reported attacks happened internally (local networks or infected PEDs). In other words, don't plug personal thumb drives or phone chargers into your office machines. |
Cyber-CyI find interesting articles on the web that are simple, down-to-earth, easy to understand, and (hopefully) informative for non-technical readers. Archives
November 2022
Categories |