Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. The other side of the human factor are the malevolent individuals who opt to break trust and willingly push aside their NDAs and in-place IT data handling processes and procedures to knowingly abscond with sensitive data.
Three recent incidents underscore the importance of having an insider risk management playbook:
Ubiquiti’s insider risk mitigation plan pays off
Malicious insider Nikolas Sharp of Ubiquiti stole his company’s data and then attempted to maneuver the post-investigation efforts away from his own actions and to extort from his employer $2 million. While the Ubiquiti team did not stop the exfiltration of the data, once an anomalous activity was discovered, they executed on their mitigation plan, and eventually brought in the FBI to address the criminal aspects of their insider incident.
To read this article in full, please click here
Friday Squid Blogging: Giant Squid vs. Blue Marlin
Epic matchup. As usual, you can also use this squid post to talk about the security stories in the news...
German Police Raid DDoS-Friendly Host ‘FlyHosting’
Authorities in Germany this week seized Internet servers that powered FlyHosting, a dark web offering that catered to cybercriminals operating...
From Workshops to Leader Panels: A Recap of Women’s History Month at McAfee
From Workshops to Leader Panels: A Recap of Women’s History Month at McAfee March is Women’s History Month and International...
Italy’s Privacy Watchdog Blocks ChatGPT Amid Privacy Concerns
GPDP probe is due to allegations that ChatGPT failed to comply with data collection rules Read More
Modular “AlienFox” Toolkit Used to Steal Cloud Service Credentials
Harvesting API keys and secrets from AWS SES, Microsoft Office 365 and other services Read More
New Azure Flaw “Super FabriXss” Enables Remote Code Execution Attacks
The cross-site scripting flaw affects SFX version 9.1.1436.9590 or earlier and has a CVSS of 8.2 Read More