In Part 1, we explored the various legal considerations related to the collection and use of information derived from User Activity Monitoring (UAM) solutions. While the former is broader in scope than the latter, each require clear policies and procedures to maintain the proper balance between privacy and security. In Part 2, we’ll explore the various incentives or justifications for implementing UAM tools and solutions and close with a brief overview of the evidentiary value of UAM collected data.
China is actively seeking “valuable intellectual property and public health data through illicit means related to vaccines, treatments and testing,” a draft of the warning by the FBI and Homeland Security Department reads. The Trump administration will draw attention to the role of “nontraditional actors,” namely students and researchers employed by the Chinese government to steal data on vaccine development.
No financial institution is exempt from the occasional ‘malicious insider’, who, acting alone or with outside help, can do more damage than virtually any outside fraudster. In addition to knowing where a bank’s most vital and sensitive information is stored, a maladjusted employee has the inside track to a bank’s weak spots. Hence, it’s not surprising that attacks from inside bad actors are the most costly and take the longest time to resolve. “An attack by any trusted party, whether an employee, contractor, or trusted vendor has the potential to be devastating,” says Keith Monson, chief risk officer for Computer Services Inc., a Paducah, Ky.-based banking vendor. “If the right controls aren’t in place, these attacks can go on for a considerable amount of time, sometimes only being detected when the insider makes a mistake or gets too greedy.”
Twitter will allow employees to work from home for as long as they want. Twitter CEO Jack Dorsey told his employees Tuesday that many of them will be allowed to work from home in perpetuity, even after the coronavirus pandemic ends, according to a company spokesperson. “Opening offices will be our decision,” the spokesperson said. “When and if our employees come back, will be theirs.”
This Insider Threat Roadmap provides a vision to guide TSA and the transportation community in mitigating insider threat. The Roadmap builds on the expertise, leadership, and relationships TSA has developed to streamline processes, identify requirements and capabilities, and leverage partnerships to proactively mitigate risks of the insider threat. It builds on and supports DHS Directive 262-05-002, “Information Sharing and Safeguarding: Insider Threat Program,” issued on October 1, 2019, which establishes requirements and standards, and assigns responsibilities for DHS agencies to implement an insider threat detection and prevention program.
In the midst of a global pandemic, international scientific collaboration has perhaps never been more important. However, the U.S. government’s efforts to prevent and investigate undue foreign influence in federally-funded research remain active with “80 percent of all economic espionage prosecutions brought by the DOJ involving China.” The DOJ also reports that there is “at least some nexus to China in around 60 percent of all trade secret theft cases.”
The physicist Klaus Fuchs (1911-88) is well known as the atomic spy who gave details of everything he worked on at the Manhattan Project to the Soviet Union. In this enthralling and riveting account, Nancy Thorndike Greenspan, the author of a biography of the physicist Max Born, has brought together new material that rounds out Fuchs’s life, from his college days in Weimar Germany to his move to Communist East Germany in June 1959 following his release from prison in Britain. He had served nine years of a 30-year sentence for espionage.
Several key resources and controls can help reduce overall risk by providing guidance on proper control implementation, preventative measures to deploy, and an emphasis on organizationwide training. Insider threats have continued to be a major factor in data breaches over the last year. On top of this elusive threat, business environments are growing more complex and data is becoming a more lucrative target. Bring-your-own-device (BYOD) polices and remote working have presented challenges that extend far beyond the traditional environment seen just a few years ago. However, everything isn’t all doom and gloom, and there are several steps to consider that enable organizations to begin mitigating this risk factor.
The stakes in internal investigations can turn out to be very high. Companies can often respond effectively if they proactively plan for investigations and leverage technology that can comb through large amounts of data quickly at low cost.