trusted insiders | Software Associates.

Defining the insider threat

Posted in: Information security|Tags: China, data security breaches, DLP, ethics, Google, RSA, trusted insiders|By: Danny Lieberman|April 7, 2011No Comments

One of the biggest problems facing organizations is lack of rigorous definitions for trusted insider threats, data loss and how to estimate potential damage from a data loss event. With a lack of rigorous definitions for data loss and trusted insider threats, it’s hard to benchmark with other companies and difficult to select a good …

Health insurer data breaches

Posted in: Risk management, Threat modeling|Tags: Anti-Fraud, ethics, Identity theft, Risk management, trusted insiders|By: Danny Lieberman|July 29, 20102 Comments

switched.com is having trouble understanding the attack vector of a data breach. They apparently believe that software vulnerabilities can be mitigated by consumers “actively protecting their information”. Hackers recently attacked WellPoint, a health insurer which reportedly covers 34 million people. As a result of the breach, the company notified 470,000 individual customers that confidential information, …

Learning about change and changing your security

Posted in: Information security|Tags: Anti-Fraud, business threat modeling, counterfeiting, data breach, DLP, Fidelis Security, IT Governance, malicious insiders, PCI DSS, Physical security, trusted insiders|By: Danny Lieberman|March 11, 2010No Comments

Reading through the trade press, DLP vendor marketing collateral and various forums on information security, the conventional wisdom is that the key threat to an organization is trusted insiders. This is arguable – since it depends on your organization, the size of the business and type of operation. However – This is certainly true …

Archives

Defining the insider threat

Health insurer data breaches

Learning about change and changing your security