Cybersecurity Leadership

The bad news is insider threats are on the rise. The worse news is that most companies are unprepared to meet the moment.

The cost of cybersecurity threats caused by organization insiders rose over the course of 2023, according to a new report from the Ponemon Institute and DTEX Systems.

Off-the-books use of generative AI tools will inevitably lead to a costly, high-profile data breach for someone, but a little attention paid to appropriate data management policy can help mitigate the risk.

Choosing which department should be responsible for protecting an organization from threats from within isn’t always straightforward.

CISOs are re-evaluating the approaches, technologies, and processes they have in place for managing insider risk and dealing with a threat.

Phishing simulations aren't enough for identifying your organization’s most vulnerable insiders or minimizing their risk.

Security in the past followed a castle-and-moat approach. But the cloud, digital transformation and the pandemic moved digital assets far and wide. Now a thief could be right next to the king’s treasury, and an enterprise would have no idea.

Insider threats arise from two kinds of employees: the negligent and those with malicious intent. Knowing the root causes is critical to mitigation.

Not only are insider-lead breaches on the rise, but they’re getting more diverse and sophisticated.

Wanted: a security exec responsible for identifying and mitigating the attack vectors and vulnerabilities specifically targeting and involving people.

Cyber programs often miss the significant portion of risk generated from within, and tools for insider threat are blunt instruments. A new method can yield better results.

Comprehensive visibility, employee awareness, proactive threat hunting and actionable threat intelligence are indispensable pillars of a robust cybersecurity strategy and just a few areas that organizations should keep in mind as they build their cybersecurity resilience

Recent research shows that one third of enterprises lose more than 10% of their associated technology assets when offboarding workers, and 42% experience unauthorized access to SaaS applications and cloud resources.

Today more than 300 million people are working remotely — creating, accessing, sharing, and storing data wherever they go — and data breaches arising from insider threats and simple mishaps can cost businesses an average of $7.5 million annually. Ultimately it doesn’t matter if a breach is intentional or accidental. Insider risk programs should be part of every company’s security strategy.

Layoffs can be tough for both companies and employees. When grappling with anger, fear, and uncertainty, it's hard for anyone to be at their best. Here are some strategies for avoiding negative outcomes during layoffs.

Organisations need to have a comprehensive security program in place that focuses on both preparedness and visibility.

It’s beyond time to ask an uncomfortable question: are your employees your biggest defense or greatest vulnerability against insider threats? How well you defend your data depends on getting this question right.

Data is Under Siege While most people think of external threats like malware when they think of data loss, they are not the only threat. The threat from an organisation’s own employees is often bigger than the threat from external cybercriminals.

Recent 2019 ISACA annual report shows key interesting cyber security trends which includes underreporting of cyber crimes and internal employees being the third-greatest security threat.

The idea that a supply chain attack could compromise hardware used to power critical systems has troubled the public and private sectors alike for several years.

In the real world of IT, threats emanating from inside organisations, not hackers, account for around three-quarters of all recorded threat instances.

Frequent types of commonly executed insider attacks UEBA detects.