All Entries Tagged With: "Malicious Insiders"
2009 Breaches and Blunders
Kevin Prince, CTO of Perimeter eSecurity recently released a paper on the top 2009 breaches and blunders. See the full article here. There is also lots of talk about it on Twitter. See here.
—————–
Perimeter E-Security Exposes Top Ten Biggest Security Breaches and Blunders of 2009
MILFORD, Conn., Nov. 23 /PRNewswire/ — Perimeter [...]
Malicious Insiders Causing Havoc at Financial Institutions
The SANS institute (www.sans.org) posted these two blurbs that caught my attention regarding threats from the inside.
–Bank Employee Draws 39-Month Sentence in Theft Scheme (May 25, 2009) A former bank employee has been sentenced to more than three years in jail for attempting to steal GBP 1.2 million (US $1.9 million) from his [...]
Would your employees sell out?
According to a new survey of 600 people, one third of employees would sell company secrets for compensation. The amount of compensation needed varied based on who was spoken to. This survey was done by the same people who famously got usernames and passwords from people in exchange for a chocolate bar last [...]
Common Hacker Attack Pathways
In the 2008 Data Breach Investigations Report written by Verizon it discusses the most common methods of access (pathways) used to compromise networks. What they found from the 500+ caseload was the following:
Nearly half of all breaches exploited remote access and control systems. The report states that this is often remote access software [...]
Data Breaches by Threat Categories
A recent study breaks down the threat categories of 500+ caseloads of investigated breaches.
Error – Poor decisions, misconfigurations, omissions, non-compliance, process breakdowns, etc. Nearly 80% of breaches within this category are due to omission.
Hacking – Deliberate action against information systems.
Malcode – Malicious software or code found to contribute to breach in question. [...]
Sins of Omission…that lead to data breaches
Insider error is the leading cause of data security breaches according to a Verizon report.
It indicates that 62% of cases involve error and in 79% of those cases, it was insiders lack of doing something they should have (omission) that lead to the breach. Not following policies, procedures, and duties by those [...]
Partner and 3rd Party Breach Sources
Partner and other 3rd parties have always been a large risk to a companies data security. The 2008 Data Breach Investigations Report released by the Verizon Business Risk Team gives us an interesting breakdown of breaches that are sourced from partners.
Often, companies look at partner risk from the perspective of “how much [...]
IT Admins 58 times more likely to be the source of an internal data breach
IT Administrators are 58 times more likely to be the source of a data breach than a regular employee and 25 times more likely than an executive.
Data Breach Sources…according to Verizon Business Risk Team
According to the 2008 Data Breach Investigation Report conducted by the Verizon Business Risk Team most data breaches occur as a result of external attacks.
The study is an analysis of 4 years of data security breaches from 2005 through 2008. There were 500+ cases that were analyzed as part of this [...]