Our Terms of Use and Privacy Policy have changed. We think you'll like them better this way.

  • 00:18

    Methods for Extending Visibility to Servers to Detect APT and Insider Abuse

    in Technology

    Security and Information Event Managers (SIEM) tools rely heavily on perimeter security logs, like those from firewalls, IPS and router NetFlow, The sharing of these logs with SIEMs have been very successful in identifying sophisticated external attacks in very early stages.  Now, for most organizations, the most severe data breaches are coming from privileged insiders or from Advanced Persistent Threats (APT) that imitate the privileged user.  In this podcast Caleb talks with experts from Vormetric to explore if it is possible to use the tried and true SIEM and anomaly detection techniques with file system level log information to detect and identify APT and Insider abuse.

  • 00:36

    Proactive APT and Root Abuse Mitigation Techniques

    in Technology

    With growing numbers of cybercriminals and nation state actors intent upon stealing your electronic assets, disrupting your business operations and pilfering your intellectual property, you now need proactive strategies in place to mitigate risks that go beyond a traditional perimeter firewall. The most dangerous data theft threats are coming from the internal privileged user - not always the actual user, but often an external party that compromised a privileged user with Advance Persistent Threat (APT) tactics. Allowing privileged users, such as database, server, hypervisor, cloud infrastructure and storage admins, access to sensitive data unnecessarily increases the risk surface of your business and greatly simplifies an APT's mission of stealing your most valued data.  In this podcast Caleb Barlow will be joined by Vormetric Executives: CEO Alan Kessler and CSO Sol Cates, and the 2BSecure President and Former Chief Information Security Officer, Central Intelligence Agency (CIA), Bob Bigman.  We will discuss the latest data-theft trends and modern techniques to protect your data as close to the source as possible with data centric security and data firewalls across physical, virtual, private cloud and public cloud environments.  The solution will include exploration of IBM InfoSphere Guardium products, encryption techniques, strong policy controls, and security intelligence.
    Topics or interested parties may also include SafeNet, Trend Micro, Oracle, NTAP, VMware, AWS, Imperva customers using or considering TDE, FDE, volume encryption, privileged users access management (PAM), Database Account Monitoring (DAM), Vulnerability assessment tools, data discovery and data leak prevention (DLP) .  

  • Hass & Associates Online Reviews: Twelve Tips to Combat Insider Threats

    in Technology

    Employees with access to sensitive data remain a critical security vulnerability - but there are practical steps for addressing the issue from within.

    The Edward Snowden leaks highlighted that if the NSA can have its sensitive documents stolen by an employee, anyone can. According to the 2015 Vormetric Insider Threat Report, 89% of global respondents felt that their organisation was now more at risk from an insider attack with 34% saying they felt very or extremely vulnerable.

    According to corporate security firm Espion, while the frequency of cyber incidents is on the rise, hackers trying to gain access to critical information are not always to blame, with insider involvement remaining a significant problem.

    The methods used to transfer data can include uploading to online network storage, email transmission, storage on local media including USB memory sticks, CD’s or DVD’S and other data exfiltration methods. The information sought by hackers is multifaceted and varied and depending on the nature of the target’s business can include; intellectual property, financial information, customer or client related information, project plans, business presentations, blueprints and personnel details.

    'Insider abuse is more difficult to detect, as the perpetrators often have legitimate access to sensitive data and removing it may go completely unnoticed,' said senior Espion consultant John Hetherton, commenting on incidents of security breaches from within organisations...

    Continue reading...