Helping Law & Finance Firms Proactively Manage Insider Threats, April Security Research Roundup
Here’s a staggering figure: according to the American Bar Association, one out of every four law firms is a victim of data breach. In part one of a two-part series on insider threats, Gabriel M. Ramsey - a partner in the San Francisco office of Crowell & Moring - explores how law firms can help clients proactively mitigate the risk of bad actors inside their own organizations, and how law firms themselves tackle the ever-present insider threat.
Financial institutions face a complex array of threats — from the immediate such as synthetic identities which have been used to defraud individual firms multiple times. But they also should be looking around and ahead, said Valerie Abend, managing director, Accenture Security and co-author with Howard Marshall, principal director at Accenture Security, of a report entitled “Extreme but Plausible Threat Scenarios In Financial Services.”
“The advent of advanced adversaries leveraging their access through compromised credentials to multiple, critical entities concurrently is likely to impact the financial sector’s ability to collaborate—in turn, challenging its resilience,” the report warns.
The immediate security demands of today should not keep firms from looking at how drastically different threats could look in the future, Abend said.
“... What does that look like when credential theft is not just about stealing whole swaths of individuals identities from inside one database but stealing lots of privileged information inside one organization or across multiple organizations.”
From insiders to endpoints and the cloud, organizations find themselves defending against cybersecurity threats everywhere they look, and new threats are emerging all the time. April was another month for a slew of research reports detailing those risks. eSecurity Planet summarizes findings from eight of those reports — and the key lessons that enterprises must learn to protect themselves.