fbpx

Category Archives

Category Name: Data Breach

Show me Evidence of your Insider Threat Program (ITP).

Show me Evidence of your Insider Threat Program (ITP). That is a question an aspiring Defence Industry Security Program (DISP) company will be asked. Do you know that your Insider Threat Program will need to have on average 10-12 touchpoints with your AGSVA security cleared workforce every year? You should reasonably set aside at least […]


HR tech trends of 2021: Four key areas to watch

Cyber Security Risk Audits start to look at the HR workforce.  A recent study out of Cylab, 69% of respondents had more than 5 malicious, high-concern insider incidents in 2020. 44% of businesses had more than 10 incidents. 11% had more than 100 incidents, such as financial fraud, sabotage, data theft, or workplace violence. In 2021 this trend won’t stop. Cyber security is always going […]


Cyber threats keeping CEOs up at night

Exploring what the right cybersecurity path forward looks like when people are involved.  70,604 cyber security professionals were asked to respond to the question, ‘What Keeps You Awake at Night’, with the option to select one of three possible answers.​ a. Third Parties​ b. Insider Threats​ c. Nation State Actors 55% of cyber professionals are worried about their own staff, their own colleagues. This echoes what Terry Halvorsen, the former CIO of the US Department of Defense, said in recent Sydney conference: “The single threat to your system is people. Some of it is not even malicious. People ask what keeps me up at night? It’s people.” He then recommended business leaders to spend their cyber budget on people – before tech. That is an important statement from a person who controlled a USD 42 Billion annual  budget.    Background: Low hanging fruit are external people.   The typical corporate network topography is wide and that means a lot of potential entry points if left unsecured or vulnerable. The work from home (WFH) trend has exacerbated  this. The last thing any senior leader needs is the fallout from a major security breach or attack. We are seeing near daily headlines littered with cyber breach incidents and  ransomware of well-known brands. Closer to home they might even be third party supply chain partners.    Internal threats can cost many times more than an external attack.   Cyber professionals are aware that staff are normally, by default, accessing sensitive networks and information from anywhere, for the foreseeable future. The climate in which potential internal breaches – negligence or intentional – is elevated. Tech solutions try to secure all the hardware that the internal user accesses. This is difficult when  trusted employees WFH and use unsecured home computers, home printers, home USB sticks etc. Other tech solutions include user behaviour motioning software to detect and  alert when internal people are in the corporate network system and doing the wrong thing.    The role of trust cybersecurity     […]


Loss Prevention and Profit Protection strategies that work for Retail.

Emerging standards and technology can be used to mitigate people risk in the retail environment and increase the quality of your candidates by 70%. We know how devastating employee theft can be: 30% of business closures blame this.     Then there are data breaches. 1 in 4 data breaches are caused by malicious employees (not accidental […]


Security Awareness and Cyber Awareness briefings for every candidate

Security Awareness briefings for every candidate … for free! It is important for employers to know and understand that candidate’s background is not filled with unmitigated risk. However, new employees to the organisation might not fully understand or comprehend the employer’s security posture and culture. That’s where a security & cyber awareness mini course comes […]


How do I prevent a malicious insider threat?

How do I prevent a malicious insider threat? 1:3 data breaches are due to malicious trusted insiders. 90% of senior managers are worried about the insider threat.   A malicious insider's system access and knowledge of business processes can make them hard to detect. But there are practices you can put in place to reduce [...]

“The scheme should screen”. Why a Cyber Security Accreditation or Certification scheme needs to include personnel suitability assessments.

The Australian Government is developing our nation’s next Cyber Security Strategy as part of its commitment to protecting Australians from cyber threats. The new strategy will be a successor to Australia’s landmark 2016 Cyber Security Strategy, which set out the Government’s 4 year plan to advance and protect our interests online backed by a $230 […]


Are you Naked? Is Cyber Insurance a Must?

Are you Naked? Is Cyber Insurance a Must?   * 15% of SME’s have cyber insurance. * 1.955 million Australian businesses are not insured. * 70% percent of all businesses are unprepared for a cyber-attack. * 34% of breaches involve malicious internal actors. * 59% of orgs experience at least one malicious insider attack over […]


Why does the shared economy need a background vetting standard?

It turns out that a AUD50 police check does not buy a lot of comfort or trust these days. And the sharing economy companies and governments around the world know it. For example, 1 in 9 applicants were rejected. Ouch. Under a new state background check process in Massachusetts, 8,206 people who applied to drive […]


Security Expert: “In general, the greatest data security risk is posed to organizations by insiders, as they have access to sensitive information on a regular basis, and may know how that information is protected.”

Joseph Steinberg is a cybersecurity expert and entrepreneur who founded the information security companies, Green Armor Solutions and SecureMySocial. He invented several popular cybersecurity technologies in use today, writes a column on cybersecurity for Inc., and is the author of several books on information security. Q. “In general, the greatest data security risk is posed […]


Phone Call: What is your security strategy?

  A Hypothetical one Sided Phone call between friends, goes something like this: Caller A: So, what’s your security strategy? Caller A: What do I mean? Well, IBM says 44.5% of breaches are caused by malicious trusted insiders. Not fat fingers, not clicking on a wrong hyper-link, not accidents, not Russian hackers. Intentional. Caller A: So let me […]


Manage your third party security risks.

Q. Does your internal security program integrate with your contract management process to ensure that third party risks are identified and managed? Embedding personnel vetting measures (such as suitability reviews and assessments) into the management of third parties (contractors, partners, and other service or product solution providers) are some of the best practices in managing […]


91% are doing background checks. This is why.

In an Ohio-based Employers Resource Association* survey… 91 percent are using background checks. That seems high. But what s.p.e.c.i.f.i.c.a.l.l.y. does that mean? A Google search? Police check? Facebook search? LinkedIn page view? A 2 minute call to the a previous boss? But more importantly, what do you do when you receive an adverse result? To […]


1 in 4 potential employees admit to behaviours that most employers consider high-risk. HR Managers and Risk Managers need to get onto the same page.

1 in 4 potential employees admit to behaviours that most employers consider high-risk. HR Managers and Risk Managers need to get onto the same page. Independent university studies have demonstrated the value of integrity tests that screen for hostility, drug and alcohol abuse, theft and lying in the pre-employment phase. But these tests have yet […]


Security Expert: An insider with malicious intent who works for your organisation has already bypassed the majority of your security features without having to do anything other than log on to their desktop.

Marc Weaver Databasable is an IT consultancy firm that provides database administration support and specializes in moving your databases and applications into the cloud. Founded by Marc Weaver in 2015, databasable uses his vast employment experience from large financial institutions in London, Sydney, and New York. “Obviously a data security breach from an outsider will result […]


Security Expert. Insiders can also face external circumstances which make them feel desperate. Inside threat monitoring is usually shared with HR.

  GREG MANCUSI-UNGARO ​@BrandProtect Greg Mancusi-Ungaro is responsible for developing and executing the BrandProtect market, marketing, and go-to-market strategy. A passionate evangelist for emerging technologies, business practices, and customer-centricity, Greg has been leading and advising world-class marketing initiatives, teams, and organizations for more than twenty-five years. Prior to joining BrandProtect, Greg served in marketing leadership roles at […]


Security Expert: The malevolent insider is the greatest threat to any company as these individuals are operating from a position of trust.

CHRISTOPHER BURGESS ​@burgessct Christopher Burgess is the CEO, President and co-founder of Prevendra. He is an author, speaker, advisor, consultant, and advocate for effective security strategies, be they for your company, home, or family. “The most serious threat to a company’s data security is the…” Insider threat, which comes in two forms: The malevolent insider is […]


Security Expert: Efforts to mitigate the insider threat, such as additional security controls and improved vetting of new employees.

STEVE DURBIN @stevedurbin Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include the emerging security threat landscape, cyber security, BYOD, the cloud, and social media across both the corporate and personal environments. Previously, he was Senior Vice President at Gartner. “As data breaches increase, many will be the […]


Security Expert: well-executed inside job will always wreak the most havoc and inflict the most pain: ‘trust but verify’ your insiders’ backgrounds.

JAMES GOODNOW @JamesGoodnow James Goodnow is a brilliant, creative, compassionate attorney and a technology aficionado in Phoenix, Arizona who’s been named one of America’s Techiest Lawyers by the ABA Journal, the official publication of the American Bar Association. Apple actually selected him as the first lawyer to be featured in one of its commercials, and also […]