Skip Navigation

ITMG Insider Threat News – February 22, 2021

Biden administration files appeal pressing for Assange extradition

The administration of US President Joe Biden has appealed a British judge’s ruling against the extradition of WikiLeaks founder Julian Assange, a Justice Department official said Friday. A brief filed late Thursday declared Washington’s desire to have Assange stand trial on espionage and hacking-related charges over WikiLeaks’ publication of hundreds of thousands of US military and diplomatic documents beginning in 2009. The Justice Department had until Friday to register its stance on Judge Vanessa Baraitser’s January 4 ruling that Assange suffered mental health problems that would raise the risk of suicide if he were sent to the United States for trial.

Marine Corps Looks for Insider Threat Monitoring Capability

The Marine Corps is looking for a user monitoring and auditing capability for its enterprise networks in support of a pilot program meant to foster a better understanding of unauthorized disclosures and exfiltration of sensitive data on Defense Department networks. The Marine Corps needs a capability that can find and assess anomalous activity on both classified and unclassified enterprise networks, according to a sources sought notice posted Thursday to beta.SAM.gov. At a minimum, five technical requirements must be met: the capability must include keystroke monitoring, full application content such as email and chat, screen capture, file shadowing, and the ability to attribute data to a specific user.

GSA Could Be Vulnerable to Security Threats From ‘Trusted Insiders’

Watchdog finds gaps in a program meant to protect personnel, facilities, operations and resources. The General Services Administration needs to bolster its efforts to protect against insider threats from current and recently separated employees, a watchdog reported on Wednesday. The GSA inspector general reviewed the agency’s processes to thwart harmful actions from “trusted insiders” to its personnel, facilities, operations and resources. GSA has about 12,000 employees throughout its central office, Federal Acquisition Service, Public Buildings Service, Office of Governmentwide Policy, 11 national staff offices, 11 regional offices and two independent offices. An October 2011 executive order and subsequent policy from November 2012 laid out requirements for agencies’ insider threat programs. In 2014, GSA established its own program (a two-person team that reports to the senior designated official who is the associate administrator of GSA’s Office of Mission Assurance) and in 2017 the National Insider Threat Task Force certified it met the minimum standards. However, the inspector general found some areas of concern since then.

Employee Internet Management—How to Manage Workplace Internet Abuse

Searching for employee internet management solutions? The internet is a powerful tool for improving employee productivity when it’s used for work-related purposes. Unfortunately, workplace internet abuse is a very real problem that contributes to a variety of productivity and security concerns. In this article, you will learn how to monitor and prevent the inappropriate use of the internet in the workplace.

Data protection: it’s time to reassess your security strategy

It’s no secret that the Covid-19 pandemic has created a perfect storm of cybersecurity risk. External threats are heightened, but there’s also a higher level of internal risk too, exacerbated by home working. With most financial services organisations planning to continue with mass remote working for the foreseeable future, it’s important for security teams to review their strategy and assess whether it still works in this new landscape. When it comes to insider threat, there are three key areas that IT leaders should focus on: building a positive culture around security, understanding their organisation’s level of risk and protecting their people.

CISOs will use higher budgets to address human error

Three-quarters of CISOs expect their budget to increase this year, and plan to invest in training and visibility after the explosive and uncontrolled growth of IT estates in 2020. Security leaders still consider ransomware to be the biggest threat facing them today, despite a year of social engineering attacks dominating news headlines. The finding comes from a new report by Proofpoint, drawn from a survey of 150 UK and Ireland CISOs and CSOs. The research also shows that more than half of respondents believe human error is the biggest risk to their business, which begs the question: why ransomware? It’s mostly because the two types of attack are not separate, says Proofpoint Resident CISO Andrew Rose. “If I want to get into your organisation and commit some really big financial fraud, what I may well do is I would steal some credentials from your organisation, log in as one of your members of staff and then pretend to [be someone] … So, you’ve stolen an account to start that fraud and you’ve done that through social engineering … If you want to do a ransomware attack, a good way to do that is to actually steal someone’s credentials, log on as them and use their credentials to actually apply malware.

What You Need to Know About Remote Employee Monitoring Software

Interested in using remote employee monitoring software to track employee productivity? This article will outline the benefits of monitoring remote employees, showcase the top features you will find in the best employee monitoring software and provide you with the best practices for using monitoring software for remote employee performance management.

This entry was posted on Monday, February 22nd, 2021 at 1:15 pm. Both comments and pings are currently closed.