The security threat from insiders is growing. Consider the most recent Verizon Data Breach Investigation Report (DBIR), which found that 20% of cybersecurity incidents and 15% of data breaches investigated within the Verizon DBIR originated from people within the organization. According to Verizon’s DBIR analysis, the top motivators behind insider attacks were financial gain (48%) […]
It’s no secret that employees and contractors are one of the primary causes of enterprise security events. It’s not that most insiders who cause data breaches are malicious. They’re not. They may carelessly send a cleartext email that contains sensitive information, reuse the same password across applications, or lose an unencrypted notebook or portable storage […]
Despite years of widespread data breaches and increased regulatory demands, 75 percent of respondents to a recent survey do not believe that they have an adequate information security budget. Additionally, attackers continue to successfully use compromised credentials in attacks, and while 93 percent of organizations surveyed are aware of the vulnerability and attack technique — […]
Your staff hates security processes. Of course, this isn’t something we didn’t already know. Antivirus software slows down their machines, and remembering zillions of passwords is a hassle. VPN software is often kludgy and most every other security process we ask employees to do gets in the way of their being able to do their […]
Social engineering is a method to manipulate people into doing something, such as divulging confidential information. It could be seen as the hacking of the human mind. Compared to, for example, software, the human mind has far more vulnerabilities that are significantly simpler to find and exploit since they do not require any special expertise like code or computer language. […]