We are focused on helping our customers and the security industry to detect insider threats. As part of our commitment, we frequently engage in research that reveals how to improve related technology and human processes. Last week, we announced the results of our recent Harris Poll. It revealed how Americans feel about employer digital activity and behavior monitoring programs, which are key elements of any insider threat program. It showed that many support the practice and the conditions under which they were on board with it.
A high percentage of Americans found employer monitoring to be “acceptable.” More than a majority agreed that their employers have a “right” to monitor digital work-related activities. There are, of course, some conditions that apply. Chief among these are that employees would like for their employers to be open and transparent about monitoring, reserve the practice for security, and have a process in place for anonymizing activity records until after an insider threat is detected.
To read more about the news, here are links to several articles that have published:
Help-Net Security: Do you support employee digital monitoring programs?
Infosecurity Magazine: Monitoring My Digital Activity? Just Tell Me
Women are the Future
The SC Magazine 2018 July issue is now online and on newsstands. Titled “Women in Security,” it features 18 top women in the industry. This year’s edition recognizes Dtex CEO Christy Wyatt. In her interview, Wyatt discussed why she was attracted to Dtex and why leaders hold the power to turn the cybersecurity industry into a more diverse place. Said Wyatt:
Security has been central to all of the roles I’ve held at Apple, Motorola, Palm, Citi, and Good. As the industry evolved, it became clear that technologies were being weaponized. As a result, some of the most critical problems that needed solving, like the insider threat, were in dire need of innovation. With legacy solutions failing and stakes rising, I decided to take on the CEO role at Dtex. As a company focused on the insider threat, I can confidently say that we are doing something that matters.
I am always frustrated by the inherent conflict built into traditional diversity programs. You cannot hire a ‘single flavor’ leadership team, give them quotas and expect a culture change. When I interview leaders for my teams, men and women, there are a number of things I look for. I look at who they have worked with in the past, who they hired and promoted in past roles, and I look at their references and networks.
More Dtex, Insider Threat News
Every week we witness additional reminders of how difficult it is to detect the insider threat. Driven by malicious insiders, negligent insiders and infiltrators, it remains one of the leading causes of security incidents and data breaches. The insider threat is active inside of 100 percent of organizations and increasingly focused on by the industry and news sources alike. Last week, we witnessed two prime examples of how human error leads two negligent-insider breaches.
Last Friday Amgen (NASDAQ: AMGN) posted a data breach notification letter to the California Attorney General reporting site. It states that phishing was behind a recent incident that may have exposed individuals’ personally identifiable information (PII). According to the letter:
On April 23, 2018, we (Amgen) received a letter from WTW informing us that they had suffered a phishing incident that led to a breach of security and the potential unauthorized disclosure of personal information on February 21, 2018. The information that WTW maintained on behalf of Amgen related to claims brought against Amgen in civil litigation as well as worker’s compensation and workplace injury claims. Your information was among this type of personal information that was maintained by WTW and could have been disclosed in this incident.
On that same day, ZDNet reported that a researcher going by the name of “Flash Gordon” discovered an unprotected cache of information that was uploaded to a web server. According to ZDNet:
A data breach at a federally funded active shooter training center has exposed the personal data of thousands of US law enforcement officials. The cache of data contained identifiable information on local and state police officers, and federal agents, who sought out or underwent active shooter response training in the past few years. The backend database powers the website of Advanced Law Enforcement Rapid Response Training — known as ALERRT — at Texas State University. The database dates back to April 2017 and was uploaded a year later to a web server, believed to be owned by the organization, with no password protection.
The Dtex 2018 Insider Threat Intelligence Report revealed that human error remains a key reason behind insider-caused data breaches. Ninety percent of the assessments we conducted showed insiders involved in high-risk data transfers. Seventy-eight percent discovered company data publicly available in the cloud.