Skip Navigation

ITMG Insider Threat News – June 7, 2022

7 Best Practices for Trade Secrets Protection

Many companies across the globe owe their success to some kind of a trade secret. Whether it’s a special ingredient in a grandma’s recipe, a unique knitting technique, or a closed-source software tool, safeguarding this secret is what often gives these organizations a competitive advantage.

While some laws protect intangible assets — including trade secrets — in the United States, businesses need to take additional precautions to keep their valuable assets safe. For example, they should adopt appropriate measures and ensure all employees do their part in trade secrets protection.

CISOs say Ransomware is the Least Concerning Threat to Enterprises

Despite the massive global investment in cybersecurity in 2021 (totaling nearly $72.5 billion) the year still proved to be one of the most challenging periods for CISOs as high-profile cyberattacks increased significantly. According to the Allianz Risk Barometer, 2022 won’t be different, with cyberattacks becoming the number one global business risk for the second time in the survey’s history.

To understand the mindset of cybersecurity professionals, Proofpoint recently released its Voice of the CISO report for 2022, which surveyed 1,400 CISOs worldwide Proofpoint says it created the Voice of the CISO annual report to provide insights that would prepare C-suite executives and technical decision-makers for cybersecurity-related incidents.

A Lawyer’s Confession: Don’t Count on Contracts and Courts to Protect Your Company’s Confidential Information

Many people were shocked by the recent leak of a Supreme Court draft opinion. The idea that an employee would subvert confidentiality rules at the nation’s highest court on matters of national significance seemed far-fetched. But many companies with confidential business information know that confidentiality violations are commonplace. A breach may be somewhat harmless, such as when an employee emails a sensitive document to a personal account to work on it outside the office. Other times, a violation is deliberate. For example, an employee may violate your confidentiality policy by downloading a list of customer contact information to use for a new competing business. You may not regularly ask yourself what information workers have, where that information is stored, and how it could be stolen. But the answers to these questions could easily change every year. Why is it important to proactively protect your company’s data and what steps do you need to take to avoid costly mistakes?

How to Get the Inside Track on Insider Security Threats

Texas A&M psychologist Anthony Klotz dubbed it the Great Resignation. Others are calling it the Great Reshuffle. Whatever it’s called, this phenomenon of millions resigning from their jobs (4.5 million in the US in November 2021 alone) and over 40 per cent of workers worldwide thinking about quitting their current position is a clear and present danger to organizations keen to remain stable at a time of great instability.

Data loss, said Love, is a risk to a company even when one person leaves – let alone a dozen. One problem, he said, is that many people will take data with them to use in their new job. “At the point that that happens, it doesn’t even matter whether it was malicious or accidental. The consequences of it happening at all can be potentially devastating.”

Inside the Mind of an Insider Threat

The Intelligence and National Security Alliance (INSA) has outlined the following types of insider threat for security leaders to monitor: unintentional insider threat, theft of intellectual property or national defense information, insider fraud, sabotage and workplace violence.

Case study examples provide some common personality characteristics, precipitating events and indicators for each insider type. These commonalities can be refined by organizations as they tailor their risk models for their specific situations and environments.

Insider Threat Prevention Best Practices for the Remote Work Era

Insider threats have always posed a problem for organizations, but the past few years have seen a significant uptick in cyberattacks caused by insiders.

Several factors have fueled the uptick, including the transition to remote work, in which employees may use unsafe personal devices and connections to access corporate resources. Other factors include the prevalence of USB devices and ubiquitous cloud usage. These factors combined make insider threat prevention harder than ever.

This entry was posted on Tuesday, June 7th, 2022 at 11:16 am. Both comments and pings are currently closed.