Skip Navigation

ITMG Insider Threat News – May 17, 2021

 **ITMG Insider Threat Cases – Archive 

If We Don’t Secure People, Information Security Will Remain a Pipe Dream 

As we’ve written previously on Lawfare, businesses are on the frontline of an intense geopolitical competition. Their assets—like innovative technologies, complex research and development, and data—are being targeted by nation-states. Many businesses have tried to address this risk by implementing or beefing up their information security programs. But those programs, unfortunately, provide only a partial solution. In the past few days, U.S. media have been in a frenzy about the Colonial Pipeline ransomware attack. It appears likely that many businesses will respond to the news in a purely technical manner. Chief information and security officers (CISOs) will be asked how secure their information technology systems are, and whether anything needs to be done to enhance cyber defenses. But if businesses seek to strengthen their defenses only through cybersecurity improvements, they will remain vulnerable to similar and different threats. 

Governments and Organizations Can’t Ignore Threats Posed by Disinformation 

Disinformation is undoubtedly on more people’s radars. But just because we know more about it doesn’t mean we are better prepared to face the challenge it is posing. With normal cyber-attacks, governments and organizations are often targeted directly. Disinformation is different. Instead of attacking core infrastructure, bad actors or nation states attack the population by attempting to skew their beliefs. Disinformation, a form of misinformation that is created specifically to manipulate or mislead people, is becoming more prevalent – mainly because it’s easy to create and disperse. The tools behind deepfakes and malicious bots have been democratized, creation can now be automated and disinformation-as-a-service has emerged. 

Two-Thirds of CISOs Admit They’re Not Ready to Face a Cyberattack 

Two out of three global CISOs feel unprepared to cope with a cyberattack, according to an annual survey released Wednesday by a cybersecurity and compliance company. The 2021 edition of Proofpoint’s Voice of the CISO report — based on a survey of more than 1,400 CISOs in 14 countries — found 66 percent of the executives acknowledged their organizations were unprepared to handle a targeted cyberattack this year. In addition, more than half the CISOs (53 percent) admitted they are more concerned about the repercussions from a cyberattack this year than they were in 2020. 

Why companies and cities are such a juicy target for ransomware 

Last weekend’s ransomware attack on a major U.S. energy pipeline highlighted a growing dilemma facing U.S. companies and institutions: the more their processes go digital, the more vulnerable they are to malicious digital attacks. Why it matters: The tech industry loves to talk up how the pandemic accelerated the pace of digital transformation, which it has. But that brings fresh risks from cyberattacks with a broad range of motivations — from hacker mischief to international espionage to financial profit, as appears to be the case with the new incident. Catch up quick: Colonial runs the largest refined products pipeline in the country, transporting over 100 million gallons per day from Texas to the Northeast and providing roughly 45% of the region’s fuel needs. 

New laws to counter threat from foreign spies 

Agents of foreign powers will be required to register in the UK in a new crackdown on espionage. The Government is to strengthen Britain’s “archaic” counter-espionage laws amid growing concern about the security threat from foreign spies operating in the UK. The Queen’s Speech includes a commitment to a Counter-State Threats Bill which will create a US-style register of foreign agents. Under American law, individuals working on behalf of foreign governments, officials or political parties are required to register with the Department of Justice and file reports about their activities. 

The fight for your data: mitigating ransomware and insider threats 

Both ransomware and insider threats are risks that should be heavily considered. Ding! Ding! The prize fight for business data is about to begin. In the red corner, costing businesses an estimated $20 billion last year, ransomware is getting ready to sucker punch the data centre. In the blue corner, the often-overlooked spectre of human error is making yet another comeback. But who’s going to serve the knockout blow that could take the business to the canvas? Every leader hopes that neither of these challengers will have their organisation on the ropes. In reality though, both present a significant threat to data integrity and business continuity. However, whilst the risks of ransomware are thankfully starting to be taken more seriously, the same care and attention that’s spent defending against ransomware is rarely lavished on barriers to protect against human error. 

Why the Biggest Threat Facing Supply Chains is on the Inside 

Businesses need to act now to survey their supply chain, developing the capacity to anticipate and respond to supply chain risks, minimizing the impact and optimizing opportunity. In March, the world witnessed a curious scene. A container ship longer than the Empire State Building became lodged in Egypt’s Suez Canal, creating an incredible spectacle as heavy construction equipment and a fleet of tug boats tried to dislodge the vessel from the canal walls. The trapped container ship may be entertaining, but it also exposed a critical element of the global economy – the primacy of supply chains. Indeed, supply chains are the often-unseen backbone of modern business, and this incident can be a timely reminder for companies to appreciate the centrality of our interconnected economy. More specifically, as one report on post-pandemic supply chain management encouraged organizations, “anticipate, sense and respond to unexpected change and minimize their impacts.” 

This entry was posted on Monday, May 17th, 2021 at 2:42 pm. Both comments and pings are currently closed.

Discover more from Insider Threat Management Group

Subscribe now to keep reading and get access to the full archive.

Continue reading