For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
The average insider scheme lasts 32 months before it's detected, says threat researcher Jason Clark, who suggests using a combination of the right technologies and the right processes is the key to improving detection.
Randy Trzeciak and his CERT Insider Threat Center colleagues are working to broaden the definition of the insider threat to incorporate not just the risk to information and IT but to facilities and people, too.
Maintaining accurate logs of systems' activities is crucial in helping catch insiders who threaten an organization's digital assets, says George Silowash, co-author of the Common Sense Guide to Mitigating Insider Threats.
Today's spear-phishing campaigns are localized, small and can slip through typical spam filters. As a result, detection practices have to evolve, says researcher Gary Warner of the University of Alabama at Birmingham.
Understanding big data is not the problem, say Michael Fowkes and Aaron Caldiero of Zions Bank. Figuring out how to use the information contained within big data in a meaningful way - that's the trick.
Intrusion detection is challenging for most organizations, and hackers' ever-increasing skill to evade monitoring tools only compounds the problem. But Zions Bank's Michael Fowkes says big data can help.
Washington has become the third state to pass legislation incorporating the Payment Card Industry Data Security Standard (PCI) to help financial institutions recover costs from credit/debit card breaches.