#1 Trending Cybersecurity News & Magazine
Monday, October 2, 2023
No Result
View All Result
The Cyber Express
  • MagazineDownload
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacking News
    • Ransomware News
    • Vulnerabilities
    Cyber Security Legal Challenges

    Navigating The Post-Incident Cybersecurity Legal Challenges

    Cybersecurity Budget Trends 2023

    Cybersecurity Budgets Trends in 2023 Record a Meagre 6% Rise

    Cybersecurity Awareness

    Remote Workers Outshine In-Office Counterparts in Cybersecurity Awareness

    Cybersecurity Awareness Month

    Cybersecurity Awareness Month: 20 Years of Protecting Our Digital Future

    Facial Recognition Ban

    New York State Education Department Bans Facial Recognition Scans in Schools

    Phishing HTML Files

    Evading Antivirus: The Rise of Phishing HTML Files

    Indian Taxpayer Data Leak

    Indian Taxpayer Data Leak: Login Credentials Exposed on Hacker Forum

    NoName Ransomware Group

    NoName Ransomware Group Targets Transport Organizations in the UK

    Largest Healthcare Data Breach

    McLaren Healthcare: Largest Healthcare Data Breach by ALPHV, 6TB Data Stolen

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    Facial Recognition Ban

    New York State Education Department Bans Facial Recognition Scans in Schools

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    threat landscape

    The Three Trends to Watch in the Growing Threat Landscape

    Mandatory Dark Web Monitoring for Indian Companies: SEBI Bolsters Cybersecurity Measures

    Mandatory Dark Web Monitoring for Indian Companies: SEBI Bolsters Cybersecurity Measures

    Tesla Data Leak

    Massive Tesla Data Leak Exposing Over 75000 Staff Attributed to Former Employees

    Cybersecurity Primer

    Bridging the Gap: Cybersecurity Primer to Address Woes Surrounding US Government Officials

    Executive order for cybersecurity

    White House Directs Federal Agencies to Enhance Cybersecurity Amid Exposure Concerns

    AI Cyber Challenge

    Biden-Harris Administration Introduces AI Cyber Challenge, Offering $20 Million Reward

    aws agent hijack

    New Research Exposes Advanced Cyber Threat – Attackers Hijack AWS Agent to Control Endpoints

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    Countdown to TimeAI Summit 2023

    Countdown to TimeAI Summit 2023: Unveiling the Future of Artificial Intelligence in Dubai

    Emerging Tech Summit

    The Emerging Tech Summit – Saudi Arabia 2023

    Business Cybersecurity

    Prioritizing Business Cybersecurity Plans During Mergers and Acquisitions

    TimeAI Summit

    TimeAI Summit is Uniting Tech Giants and Visionaries in Dubai to Shape the Future of AI

    CyberDSA 2023

    CyberDSA 2023: Forging a Resilient Digital Future Through Unprecedented Collaboration

    Summit MENA 2023

    MENA Summit 2023: Exploring the Future of Digital Identity & Authentication

    Cyble Raises 24 Million in Series B Funding

    Cyble Raises 24 Million in Series B Funding: Leveraging AI and Threat Intelligence to Revolutionize Cybersecurity

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    Bureau Raises $16.5M in Series A Funding

    Bureau Raises $16.5M in Series A Funding to Drive Global Expansion and Combat Cyber Fraud

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • EventsCyberCon
    • World CyberCon India 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • ProductsTools
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin (Beta)
SUBSCRIBE
  • MagazineDownload
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacking News
    • Ransomware News
    • Vulnerabilities
    Cyber Security Legal Challenges

    Navigating The Post-Incident Cybersecurity Legal Challenges

    Cybersecurity Budget Trends 2023

    Cybersecurity Budgets Trends in 2023 Record a Meagre 6% Rise

    Cybersecurity Awareness

    Remote Workers Outshine In-Office Counterparts in Cybersecurity Awareness

    Cybersecurity Awareness Month

    Cybersecurity Awareness Month: 20 Years of Protecting Our Digital Future

    Facial Recognition Ban

    New York State Education Department Bans Facial Recognition Scans in Schools

    Phishing HTML Files

    Evading Antivirus: The Rise of Phishing HTML Files

    Indian Taxpayer Data Leak

    Indian Taxpayer Data Leak: Login Credentials Exposed on Hacker Forum

    NoName Ransomware Group

    NoName Ransomware Group Targets Transport Organizations in the UK

    Largest Healthcare Data Breach

    McLaren Healthcare: Largest Healthcare Data Breach by ALPHV, 6TB Data Stolen

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    Facial Recognition Ban

    New York State Education Department Bans Facial Recognition Scans in Schools

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    threat landscape

    The Three Trends to Watch in the Growing Threat Landscape

    Mandatory Dark Web Monitoring for Indian Companies: SEBI Bolsters Cybersecurity Measures

    Mandatory Dark Web Monitoring for Indian Companies: SEBI Bolsters Cybersecurity Measures

    Tesla Data Leak

    Massive Tesla Data Leak Exposing Over 75000 Staff Attributed to Former Employees

    Cybersecurity Primer

    Bridging the Gap: Cybersecurity Primer to Address Woes Surrounding US Government Officials

    Executive order for cybersecurity

    White House Directs Federal Agencies to Enhance Cybersecurity Amid Exposure Concerns

    AI Cyber Challenge

    Biden-Harris Administration Introduces AI Cyber Challenge, Offering $20 Million Reward

    aws agent hijack

    New Research Exposes Advanced Cyber Threat – Attackers Hijack AWS Agent to Control Endpoints

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    Countdown to TimeAI Summit 2023

    Countdown to TimeAI Summit 2023: Unveiling the Future of Artificial Intelligence in Dubai

    Emerging Tech Summit

    The Emerging Tech Summit – Saudi Arabia 2023

    Business Cybersecurity

    Prioritizing Business Cybersecurity Plans During Mergers and Acquisitions

    TimeAI Summit

    TimeAI Summit is Uniting Tech Giants and Visionaries in Dubai to Shape the Future of AI

    CyberDSA 2023

    CyberDSA 2023: Forging a Resilient Digital Future Through Unprecedented Collaboration

    Summit MENA 2023

    MENA Summit 2023: Exploring the Future of Digital Identity & Authentication

    Cyble Raises 24 Million in Series B Funding

    Cyble Raises 24 Million in Series B Funding: Leveraging AI and Threat Intelligence to Revolutionize Cybersecurity

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    Bureau Raises $16.5M in Series A Funding

    Bureau Raises $16.5M in Series A Funding to Drive Global Expansion and Combat Cyber Fraud

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • EventsCyberCon
    • World CyberCon India 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • ProductsTools
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin (Beta)
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Features

Insider Threats: Elephant in the cubicle!

Augustin Kurian by Augustin Kurian
July 29, 2022 - Updated on August 3, 2022
in Features
0
Insider Threat
598
SHARES
3.3k
VIEWS
Share on LinkedInShare on Twitter

In June 2017, while scouting through GitHub, an online code-sharing programming resource, information security expert and author Jason Coulls spotted a trove of sensitive documents from several American, Canadian, and Japanese financial institutions. The repository contained migration plans, estimates, presentations, and other sensitive data that could have put those companies at risk.

Further research into the breach revealed that the data leak was an accidental mistake or rather a “monumental common-sense failure” of a developer working with Indian IT service giant Tata Consultancy Services (TCS). Coulls immediately notified the banks about the leak. “This was a new level of monumental head-scratching activity, as you could fork or clone an entire repository containing architecture details and roadmaps for some of the largest financial institutions in North America,” he wrote in a blog post.

You might also like

Abandoning Legacy Systems; Route to Establish Cyber-Security in Healthcare

Get Your Hack On: Top 10 Anime About Hacking for Cybersecurity Buffs

Netflix’s Unlocked, A Cybersecurity Nightmare Exposing the Horrors of Stolen Data

The good news is that none of it was banking customers’ data,” Coulls told technology news website The Register after the incident. But there was still a lot of useful stuff there – not just for hackers but for the firm’s competitors. The first bank that looks at it gets to see what everyone else is doing.” Coulls also roasted TCS for not firing the team member immediately after the incident who was the most significant catalyst for the monumental catastrophe.

Insider threats pose a higher risk than hackers

The above incident highlights what accidents can do, but what is even more staggering is that one in four employees have intentionally leaked confidential data. When data privacy and risk management company Egress Software Technologies surveyed 2,000 UK workers, they may not have anticipated that the threat they were handling was elephants in the cubicles.

The survey revealed that employees who leaked information were likely to share data with their new or former employers or competitors. These could be bank details and customer information, among other sensitive data.

A survey by Vanson Bourne stated that insider threats pose a greater risk to companies than external threats such as breaches and hackers. s. It pointed out that 74 percent of cyber incidents occur within organizations, with 42 percent being employees alone. When considering the extended enterprise, meaning employees, customers, suppliers, or even previous employees, the number increases to 74 percent.

Nearly 90 percent of organizations are vulnerable to attacks from insider threats, according to the Insider Threat Report 2018 by CA Technologies. In the report, the main reasons for enabling the risk factor were too many users with excessive access privileges, employees bringing their devices to work, and the increasing complexity of the information security industry.

Over 50 half of the respondents confirmed insider attacks against their organization last year, and a quarter felt the insider attacks were becoming more frequent.

While insider threats are a cause of concern, a vast majority of companies are implementing programs to deter them. Companies focus on detecting insider threats, deterrence methods, analysis, and forensics. Thirty-six percent have a formal program in place to respond to insider attacks, while 50% are focused on developing their program,” the report suggested.

Nipping it in the bud

Threats like insider attacks need to be nipped in the bud, and this must be ensured from the beginning, in other words, the hiring process. One way HR could minimize the malicious leaking of information is by ensuring that the concerns are raised and dealt with fairly without compromising the employee’s overall experience.

Simple steps such as reminding people about the company’s data protection policy post their resignation can also help.

Moreover, there are several touchpoints throughout an employee’s career that HRs must focus on. The CERT Insider Threat Center provides a list of best practices organizations should adopt to protect themselves from insider threats. These include maturing insider threat programs, tracking terminated employees, improving employee engagement, developing a watchlist of employees with behavioral indicators, and adding insider threat awareness training.

Authentication and the future of biometrics

As far as insider threats are concerned, it is evident that they can jeopardize companies. To counter this, there is a need for risk-based authentication technology that relies on things like proximity, behavior, biometrics, and more.

Industry experts opine that when you’re typing the password, the software can observe your movement across the keyboard. With this keystroke behavioral biometric, the computer algorithm can distinguish between users. According to several experts, technology can be fed into the risk engine and help determine whether the user should get access or not.

Several other innovations are also driving the authentication space, where individual actions by the users are tracked and traced to create exclusive biometrics using artificial intelligence and machine learning.

While insider threats may seem inevitable and pose a more significant threat to companies than external forces, organizations must implement policies, methods, and security systems to identify potential hazards and minimize the occurrence of such incidents. Though authentication and innovation can also assist in safeguarding the company, they alone are not enough to avert the dangers posed by insider threats.

Share this:

  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • More
  • Click to email a link to a friend (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)

Related

Tags: cybersecuritycybersecurity awarenessinsider threatsMulti-factor Authentication
Previous Post

Global Firms Struggle to Evaluate Cyber Risk Exposure

Next Post

Zero Trust – Vendors, Investment, and Future

Augustin Kurian

Augustin Kurian

Augustin Kurian is the Editor-In-Chief of The Cyber Express, an information security publication catering to an audience encompassing CISOs, CXOs, network engineers, technology enthusiasts, security professionals, and students. In his role, he leads the editorial division, manages outreach campaigns, promotes diversity in technology, and establishing best cybersecurity practices.

Related Posts

Legacy systems in healthcare
Cyber Warfare

Abandoning Legacy Systems; Route to Establish Cyber-Security in Healthcare

by Vishwa Pandagle
September 23, 2023
Anime About Hacking
Features

Get Your Hack On: Top 10 Anime About Hacking for Cybersecurity Buffs

by Ashish Khaitan
September 16, 2023
Netflix’s Unlocked
Features

Netflix’s Unlocked, A Cybersecurity Nightmare Exposing the Horrors of Stolen Data

by Ashish Khaitan
September 9, 2023 - Updated on September 22, 2023
new CISO
Features

A CISO’s First 90 Days: The Ultimate Action Plan and Advice

by Editorial
September 3, 2023
Sponsored Ads Scam
Cyber Warfare

Alarming Rise in Online Sponsored Ads Scam Costing Australians $74 Million

by Vishwa Pandagle
August 29, 2023
Next Post
Zero Trust – Vendors, Investment, and Future

Zero Trust - Vendors, Investment, and Future

Latest Issue is Out. Subscribe Now



Follow Us On Google News

Latest Cyber News

Cyber Security Legal Challenges
Cybersecurity News

Navigating The Post-Incident Cybersecurity Legal Challenges

October 1, 2023
Cybersecurity Budget Trends 2023
Firewall Daily

Cybersecurity Budgets Trends in 2023 Record a Meagre 6% Rise

October 1, 2023
Cybersecurity Awareness
Firewall Daily

Remote Workers Outshine In-Office Counterparts in Cybersecurity Awareness

September 30, 2023
Cybersecurity Awareness Month
Cybersecurity Awareness Month

Cybersecurity Awareness Month: 20 Years of Protecting Our Digital Future

September 30, 2023

Categories

Web Stories

Top 10 CISOs to Follow in 2023
Top 10 CISOs to Follow in 2023
Top 10 Ransomware Gangs in 2023
Top 10 Ransomware Gangs in 2023
Top 5 IoT Security Risks in 2023
Top 5 IoT Security Risks in 2023
Top 10 CTF Platforms in 2023
Top 10 CTF Platforms in 2023
Types of Risks Covered by Cyber Insurance
Types of Risks Covered by Cyber Insurance

About

The Cyber Express by Cyble

#1 Trending Cybersecurity News and Magazine

The Cyber Express  by Cyble is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

 

Contact

For editorial queries: [email protected]

For marketing and Sales: [email protected]

For Events & Conferences related information: [email protected]

 

Quick Links

  • About Us
  • Advertise With Us
  • Contact Us
  • Editorial Calendar

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
555 North Point Center E
Alpharetta, GA 30022, USA.

 

India Office:

Cyber Express Media Network
HD-021, 4th Floor, C Wing, Building No.4. Nesco IT Park, WE Highway, Goregaon East, Mumbai, Maharashtra, India – 4000063

Subscribe to Our Feed

RSS Feeds

Follow Us On Google News
  • Privacy Statement
  • Terms of Use
  • Write For Us

© 2023 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

No Result
View All Result
  • Magazine
  • Firewall Daily
  • Essentials
    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • World CyberCon India 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • Products
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin (Beta)

© 2023 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
Top 10 CISOs to Follow in 2023 Top 10 Ransomware Gangs in 2023 Top 5 IoT Security Risks in 2023 Top 10 CTF Platforms in 2023 Types of Risks Covered by Cyber Insurance