Accounts with legitimate access to not only sensitive information but also complete control over the system are put in the best position to act maliciously.
There is a tendency for companies to simply lose track of their privileged accounts; 70 percent of organisations failed to fully discover all of the privileged accounts on their systems.
There are some difficult obstacles to overcome in the cyber-security tough-mudder challenge, from ransomware and phishing to insider threats and GDPR, but thorough preparation can boost your chances of success.
The internet is more than an infrastructure - it mediates human behaviour so it can have unprecedented impact - threatening our survival. It can be manipulated to constitute an insider threat on an unprecedented scale.
Securing and monitoring a complex and distributed IT infrastructure is essential for growth and regulatory compliance. But it requires cooperation by employees at all levels as well as continuous improvements to meet emerging threats.
As enterprises no longer have distinct boundaries defined by inside and outside the firewall, gaining visibility on the health of devices connecting to their network is more critical than ever.
Recent research shows 41 per cent of UK respondents stating that they have complete trust in employees with privileged access. This isn't a good position to be in.
Some departing employees have no loyalties to their previous employer, so it is imperative that deprovisioning employees' corporate access on their last day is an absolute priority.
A USB stick was found in the streets of London containing over 70 unencrypted security files from Heathrow International Airport - so what security precautions could and should have prevented this danger to the public?
Researcher uncovers method of hijacking the functionality of some AV tools in order to compromise endpoints. Trend Micro, Emisoft, Ikarus, Kaspersky, Check Point's ZoneAlarm and Malwarebytes have fixed their offerings.
The person that deactivated US President Donald Trump's Twitter account briefly Thursday, originally pegged by the company as human error by an employee, reportedly was instead a third-party contractor.
30GB of data stolen from a small Australian military defence contractor which included technical information on jet fighters, transport aircraft, 'smart bomb kits.' Culprit, the lone IT technician.
Departing employees is an issue not often considered as potentially affecting a company's cyber-security. However, an employee can potentially eave while maliciously keeping sensitive data including passwords, key codes, etc.
Debbie Garside says simple end-user error is the biggest risk you face when it comes to data. But instead of end users facing the sack for making honest mistakes employers should be putting systems in place that protect them.
Security researchers have found another publicly accessible Amazon S3 server that in this case hosted about 100MB of Verizon Wireless data that was allegedly operated by a Verizon employee.
The app-blended lifestyle poses problems for CIOs, CISOs and those responsible for keeping an organisation safe and secure. Mike Hemes, says shadow IT is a real issue and one we can only see increasing over time.
People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.
Firms need to evaluate their security procedures around flexible working now, before it leads to a damaging data breach says Jean-Frederic Karcher.
While illegitimate access to mainframes is dificult to obtain for attackers, the consequences can be severe when they do succeed explains John Crossno.
Rather than battening down your network in response to the insider threat, you could combat the danger through trust and engagement, as we learned at the SC Media UK Roundtable in Edinburgh - sponsored by Zonefox.
Intel Security, CSIS Survey: Only half of IT staff agree with executives that their cyber-security strategies have been implemented
In the ongoing antitrust case brought against Ticketmaster by rival SongKick, Ticketmaster is accused of using information stolen from SongKick by ex-employee.
In Case You Missed It: Hotel ransomware report; Routers hijacked for botnet; X-Box, Playstation breach; Data centre vulnerability; insiders paid for secrets.
A RedOwl report claims that insider recruitment is "active and growing" with chatter across public and private forums about the subject doubling from 2015 to 2016.
Unprotected classified Europol files were linked to the internet and accessible via a hard drive found through Shodan
Keith Lowry took time on a trip to Australia to warn that background checks do not make the cut when trying to stop insider threats.
Aside from the Labour party's internal struggles and bitter upcoming leadership election, it seems the two candidates are both pretty bad at security
While the biggest threat these days might be your employees, does that danger really mean distrusting your own team, asks Max Metzger, and what actions should you take?
The latest In Case You Missed It (ICYMI) looks at SC Awards winners; Flawed app in Lenova; TeamViewer potential flaw; ex-staff with access; ransomware rise continues.