Insider threats are the underappreciated threat. They fly under the radar as stories about hackers get top billing. Insider attacks are more insidious because they betray the trust the company has in its employees, partners and systems. Insider threats are the hardest to detect and take longer to discover than any other threats, according to the most recent Verizon Data Breach Report. Insider threats range across types and include: intentional data theft as in the Morgan Stanley breach; possible insider trading, like that recently seen in the LinkedIn acquisition; garden variety employee mistakes, such as the Google insider data breach; and ex-employees accused of taking trade secrets, as alleged in an IBM lawsuit. And then there are the active efforts by criminals to recruit insiders on the Dark Web or nation-state espionage that takes the form of phishing emails or bribed insiders.
The insider threat is not really a cybersecurity problem or a data analytics issue; it's a human risk problem that can only be solved by understanding how people think and behave. In this slideshow, RedOwl has applied the science of risk assessment to employee behavior and come up with six persona types of employees who represent insider threat risks.
Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ... More >>
Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ... More >>
Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ... More >>