Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Insider Threats

The latest News and Information on Insider Threats including employee monitoring and data privacy.


How to Reduce Insider Threat Risks in a Hybrid Office: 10 Best Practices

The Covid-19 pandemic has changed the way we work forever. Although some part of the workforce returned to the office as soon as restrictions loosened, many employees wish to continue working remotely. According to data from Gartner, 60% of knowledge workers are remote, with at least 18% not planning to return to the office anytime soon. A hybrid office is a great option for both types of workers.


Reducing the Risk of Insider Threats among New Employees

New hires bring fresh ideas and unique skills but can also pose a threat. They can endanger your organization’s sensitive data and IT systems due to carelessness, lack of cybersecurity awareness, or malicious intent. The potential insider threats stemming from new employees are especially concerning for large organizations with a high flow of personnel who may find it challenging to thoroughly monitor and supervise all new hires security-wise.


Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every movement so that employees can’t even go to the bathroom. In 1992, the New York Times ran a long article about Caller ID and how the new technology was an invasion of privacy.


Threat detection review: Insider threats in cybersecurity

Globally, 67% of companies experience between 21 to 40 insider-related incidents per year, according to Ponemon Institute’s The Cost of Insider Threats 2022 report. The same report reveals that the frequency and cost of insider attacks have increased significantly over the past two years. Insider threats are one of the tougher attacks to predict and prevent, because of the difficulty in identifying insiders.


Role-based Access Control vs Attribute-based Access Control: Which to Choose

Access control is a fundamental element of your organization’s security infrastructure. Every security officer wants to apply the principle of least privilege, implement a zero trust architecture, segregate user duties, and adopt other access control best practices without harming the company’s workflow. There are several approaches to implementing an access management system in your organization.


Understanding Evolving Insider Risks in a Hybrid World

Insider risks are threats that already have access to an organization’s sensitive information. They are people who have physical access to the organization’s buildings and credentials to sign-on to the network. But maybe more importantly, they’re familiar with the organization’s processes, they speak the company lingo, and they know where the important assets reside.


Top 10 Mistakes of Security Officers in Protecting Remote Workplaces

The COVID-19 pandemic has forced organizations to temporarily transition to remote work environments. Two years have passed, but the remote work trend is still with us, with over 75% of people worldwide working remotely at least once a week. As telecommuting concerns more cybersecurity experts around the world, some security officers still make drastic mistakes in configuring and managing remote environments.


6 Best Practices to Conduct a User Access Review

Every company has workers that have been there from the beginning and worked in every department. Knowledge of the company’s processes makes them valuable employees, but they can also access and put at risk lots of sensitive data. Regular user access reviews can help you mipngtigate this risk and safeguard your critical assets. Regularly reviewing user access is an essential part of access management.


Rethinking IAM: What Continuous Authentication Is and How It Works

Multiple reports show that people don’t take the necessity to pick secure passwords for their login credentials and personal devices seriously enough. According to Verizon’s 2022 Data Breach Investigations Report, 80% of incidents resulting from hacking attacks involved weak and compromised passwords. These findings make us wonder whether confirming a user’s identity just once at login is enough. Should this be a repeated procedure?