HackDig : Dig high-quality web security articles for hacker

Take a Hike: Navigating Your Identity Governance and Administration Process Engineering Journey

Most of the clients that I speak to say they understand the importance of the processes for identity governance and administration (IGA). These clients typically talk about the familiar people, processes and technologies of identity and access management (IAM), and many of them even consider processes to be a critical element for their IGA program. Unfortuna
Publish At:2017-09-19 12:00 | Read:123 | Comments:0 | Tags:Identity & Access Identity and Access Governance (IAG) Ident

See No Data, Hear No Data, Speak No Data: Overcoming the Challenges of Risk-Focused Data Management

The art and science known as risk management has been around for years. It is applied in a broad array of areas, including insurance, credit risk ratings, stock and other market risk ratings, foreign policy decisions, military responses and many others. The true irony is that, although risk management has been applied to many aspects of IT, such as change ma
Publish At:2017-09-14 21:10 | Read:176 | Comments:0 | Tags:Data Protection Risk Management Data Breach Data Management

From Suspicious Activity to Suspended Account in Less Than a Minute: Stopping Insider Threats With Automation

Co-authored by Lauren Horaist. You read the headlines and understand industry trends. There are plenty of horror stories to reference. Organizations have had their reputations destroyed and entire corporations have gone out of business due to insider attacks. How can you avoid being the next victim? First, you need to understand what insider threats really a
Publish At:2017-09-13 08:20 | Read:203 | Comments:0 | Tags:Cognitive Identity & Access Security Intelligence & Analytic

The CISO’s Guide to Managing Insider Threats

Critical digital and physical assets are becoming increasingly vulnerable due to accelerated connectivity, differing global regulatory requirements, joint ventures and business partnerships and security weaknesses within complex multinational supply chains. These factors have led to a rise in insider threats for enterprises across all industries. An insider
Publish At:2017-09-11 19:25 | Read:228 | Comments:0 | Tags:CISO Data Protection Identity & Access Chief Information Sec

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:263 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

Know Your Data and Your Enemies: Establishing a Baseline for Proactive Threat Hunting

The purveyors of modern threats are not trying to simply deface your website or own your web server. These advanced attackers are attempting to siphon critical and sensitive data from your network over long periods of time, and do so undetected. Where Is Your Data? When threat hunting, at a minimum, you should know where your critical data is stored and how
Publish At:2017-09-06 20:40 | Read:302 | Comments:0 | Tags:Data Protection Incident Response Risk Management Security I

Seeing Data Security Breaches With Your Own Eyes

Although you can never truly predict the unexpected, most security applications attempt to do just that. They use attack models built to defend against security breaches that follow known patterns or model behaviors using a series of assumptions about exceptions. The attacks that do get through expose the uncomfortable truth that determined attackers can sur
Publish At:2017-08-10 20:40 | Read:282 | Comments:0 | Tags:Data Protection Access Management Cost of a Data Breach Data

Caveat Emptor: Identifying Insider Threats Acquired From Mergers and Acquisitions

With all the industry studies, articles and literature related to insider threats, it is baffling to see that very few have focused on how insider threats are acquired — in fact, paid for — during a merger and acquisition process. Organizations are so fixated on driving profits and staying competitive that they gobble up any tangible asset they can. Compani
Publish At:2017-08-02 12:30 | Read:421 | Comments:0 | Tags:Risk Management Acquisition audit Insider Threat Risk Risk A

Outsider or Insider: Who Will Cause Today’s Data Breach?

In today’s cybercrime landscape, threats come not only from all sides, but also from within. In its annual Threat Intelligence Index, IBM X-Force called 2016 the “year of the mega breach.” As threat actors become more sophisticated, enterprises must deal with outsiders who target corporate networks to steal product, client and customer data
Publish At:2017-07-12 10:20 | Read:365 | Comments:0 | Tags:Data Protection Identity & Access Data Breach Data Breaches

The Enemy Within: Identifying Insider Threats in Your Organization

Security professionals and managers are increasingly concerned that the leading information security risk to organizations comes from within. But despite the sinister overtones of this problem, insider threats are associated more with accidents and oversights than malicious actors. The danger is amplified by shortfalls in training and expertise, and the ch
Publish At:2017-06-22 11:35 | Read:574 | Comments:0 | Tags:Identity & Access Risk Management Critical Data Data Protect

Financial Sector Remains a Top Target in 2017

It should come as no surprise that the financial sector is the top target for cybercriminals year after year. After all, money does make the world go ’round. What is more surprising, though, is fraudsters’ continued success. In 2016, we saw an influx in point-of-sale (POS) attacks, ATM jackpotting and SWIFT transaction manipulation. According t
Publish At:2017-06-12 12:11 | Read:405 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Cybercrime Dis

Manufacturing Security Incidents: Forty Percent Higher Than Cross-Industry Average in 2016

The manufacturing industry — including, but not limited to, automotive, electronics, food and beverage, textile and pharmaceutical companies — was the third most attacked sector in 2016, according to the 2017 IBM X-Force Threat Intelligence Index. In fact, the number of security incidents, which are attacks or security events reviewed by IBM security analyst
Publish At:2017-06-06 08:50 | Read:371 | Comments:0 | Tags:Advanced Threats Industries Threat Intelligence IBM X-Force

Using Security Intelligence to Detect Insider Threats From Cloud-Based Applications

Microsoft Office 365 is popular — very popular. In 2016, Gartner reported that 78 percent of enterprises surveyed used or planned to use Office 365. With access to a range of user activity events from a variety of sources, including Exchange Online, SharePoint Online and Azure Directory, how can Office 365 administrators correlate all this valuable data wit
Publish At:2017-05-26 08:10 | Read:785 | Comments:0 | Tags:Cloud Security Data Protection Identity & Access Security In

Unwrapping the Mystery: Did a Big, Slimy Internet Worm Make Hundreds of Organizations WannaCry?

Two weeks into the WannaCry aftermath, response teams are getting back to normal, organizations are re-evaluating their infrastructures, and even the bitcoin payments the fraudsters were collecting have almost stopped trickling in. It’s time now to look into the data to find clues about what made WannaCry spread so rapidly and with such a wide scope.
Publish At:2017-05-25 13:35 | Read:834 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence IBM X

Security Is an Organizational Behavior Problem

At what point will we admit that technology is not enough? When will we discover that our well-documented processes are insufficient? Who will acknowledge that their leadership when it comes to governance isn’t working? It takes a strong person to admit these flaws in organizational behavior and tackle the hardest problems head on. People, process, t
Publish At:2017-05-17 21:15 | Read:558 | Comments:0 | Tags:CISO Insider Threat Security Awareness Security Program Secu

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud