Privacy hasn’t stepped out of any center ring in any technology venue since The New York Times broke the story about the data scandal involving Cambridge Analytica and Facebook. All of the spotlights were again focused on privacy last week, after a Vice Motherboard report revealed that it is still possible, and relatively easy, for almost anyone to get their hands on cell phone information via third-party data aggregators.
According to Motherboard, the world’s leading telcos — T-Mobile, Sprint and AT&T included — are selling access to customers’ location data, which can then be used to track location with remarkable accuracy. Following the Motherboard report, several of the major telecom providers named announced they would stop selling sensitive customer location data to third parties by March. In a statement to Adweek, an AT&T spokesperson said:
Last year, we stopped most location aggregation services while maintaining some that protect our customers, such as roadside assistance and fraud prevention. In light of recent reports about the misuse of location services, we have decided to eliminate all location aggregation services — even those with clear consumer benefits.
Read the full Motherboard story: I Gave a Bounty Hunter $300. Then He Located Our Phone
Read the Adweek story: AT&T and T-Mobile Say They’ll Stop Selling User Location Data
Issues around the handling and protection of consumer data aren’t the only ones receiving increased focus as of late. Today, the National Institute of Standards and Technology (NIST) closed its first round of industry feedback on the NIST Privacy Framework: An Enterprise Risk Management Tool. According to NIST:
NIST envisions that the Privacy Framework will be a voluntary tool for organizations to better identify, assess, manage, and communicate about privacy risks so that individuals can enjoy the benefits of innovative technologies with greater confidence and trust.
It is becoming increasingly critical for public sector organizations and private enterprises to leverage the efficiency and productivity that digital transformation is delivering. As government and business turn to new innovations, issues of employee privacy are emerging. Most employees accept that their employers need to monitor their digital activities and behaviors for security reasons. They are also starting to expect a certain level of privacy protection for the personal and business data they generate while at work. To help NIST develop a framework that addresses increasing employee privacy expectations, Dtex is among the early contributors to the RFI. In a written statement, Dtex proposed to NIST:
Accordingly, Dtex recommends that the Privacy Framework include a section on User Activity Monitoring that addresses practices for balancing an organization’s need to monitor its employees with its need to protect and respect employee privacy.
Read more about the framework and review RFI submissions: Requesting Information for the NIST Privacy Framework
Insider Threat, Week in Review
Despite last week’s focus on privacy, there was no shortage of insider-threat-related news. Here’s a look at a top headline along with analysis on what it means for organizations that want to avoid falling into a similar trap.
Politico: Exclusive: How a Russian firm helped catch an alleged NSA data thief, by Kim Zetter. This feature is about how Moscow-based security provider Kaspersky Lab, which has been banned in federal environments due to suspicion that it assists Russia with cyber espionage, may have actually helped the feds to identify and arrest former NSA cybersecurity specialist Harold T. Martin III. Martin is accused of unlawfully removing and retaining thousands of classified documents while he was with the NSA and other intelligence organizations over the course of two decades. It turns out that Kaspersky may have alerted the feds to Martin’s alleged crimes when it tipped off the NSA that he may have been engaged in some suspicious Twitter activity just prior to the Shadow Brokers’ dump of classified NSA information in 2016.
This news has all of the cloak-and-dagger intrigue that makes up spectacular cybercrime stories — a Russian front company, an insider, and a slippery and hard-to-identify cybercrime group. It also provides a simple and valuable lesson for any organization that has to protect information: you can’t defend against an insider attack if you can’t see what kind of behaviors insiders are engaged in on your network.
There are numerous layers available that make it possible to control access to data and understand what is taking place on networks and at the endpoint. These include everything from IAM to the latest CASB solutions. Dtex customers in the public and private sectors turn to our platform to gain a deeper, more effective understanding of what individuals who have been given access to data and systems are doing and to get alerts when something is amiss. Read more about how Dtex protects against insider threats like Martin at: How Dtex fights insider threats