The New Insider Threat: Are Ransomware Groups Recruiting your Employees?
Every organization knows that the threat of ransomware is real, and despite best efforts to keep cybercriminals out, successful attacks continue to make daily headlines.
Now, every user account – including employees, third-party vendors, and even customers – is a potential threat vector.
The balance between detection-based perimeter solutions and network prevention has shifted and attackers can breeze through perimeter defenses such as Firewalls as if they’re not even there. The need for effective zero-trust architecture is now greater than ever.
Government and Critical Industries aren’t Ready for Insider Threats
Government agencies and companies that are vital for national security aren’t doing nearly enough to prevent workers from stealing their data, a top research group for the federal government has found.
The danger of such “insider threats” has grown immensely during the past decade as employees of governments and companies have become increasingly tech-savvy people and able to outsmart many monitoring systems, Chris Folk, director of cybersecurity policy at the MITRE Corporation, told me. MITRE runs a group of research labs on behalf of the federal government.
House Watchdog Weighs ‘Behavioral Monitoring’ to Deter Internal Security Threats
A top congressional watchdog is considering calling for the House sergeant at arms to launch a program aimed at identifying and deterring internal threats, including through “behavioral monitoring,” according to a draft document reviewed by POLITICO.
POLITICO reviewed a draft report titled “Sergeant at Arms Insider Threat Risks,” dated Dec. 30, 2021, and produced by the House’s Office of the Inspector General. The slim document suggested that the House Sergeant at Arms’ office — which leads security for the chamber — start a comprehensive “insider threat” program, which it currently lacks.
Benefits of and Best Practices for Protecting Artificial Intelligence and Machine Learning Inventions as Trade Secrets
What qualifies as a “trade secret” can be extraordinarily broad, depending on the relevant jurisdiction? A trade secret is information that is kept confidential and derives value from being kept confidential. This can potentially include anything from customer lists to algorithms. In order to remain a trade secret, however, the owner of the information must follow specific business practices to ensure the information remains secret. If businesses do not follow the proscribed practices, then the ability to protect the trade secret is waived and its associated value is irretrievably lost. The business practices required are not onerous or complex, but many businesses are unaware of what is required for their specific type of IP and only discover their error when attempting to monetize their inventions or sell their business. To avoid this devastating outcome, we work to arm our clients with the requisite practices and procedures tailored to their specific inventions and relevant markets.
Protecting Trade Secrets in a Hot Labor Market — Make Sure Departing Employees Don’t Exit Through the Gift Shop
Protecting against information theft starts at the time of hire. Many companies have confidentiality policies and agreements in place and ask new hires to sign off on these documents. This is a great first step — but it is not enough, particularly for employees with access to key information. Management, Human Resources, and other leaders should discuss confidentiality obligations both among themselves and with members of the workforce. Highlighting and discussing these policies helps drive home their importance
Powerful Remedies Against Trade Secret Misappropriation Abroad Appear Here to Stay
It has now been two years since a U.S. district court issued a ruling providing an additional avenue for U.S. trade secrets owners to take legal action against alleged misappropriation abroad. The decision in the Northern District of Illinois case, Motorola Solutions Inc. v. Hytera Communications Corp. LTD, made foreign companies take notice. It held that the Defend Trade Secrets Act of 2016 (DTSA) permits U.S. trade secret owners to seek civil remedies for acts of misappropriation that occurred abroad including the recovery of the defendants’ profits on the sale of products incorporating the misappropriated trade secrets anywhere in the world.