When it comes to hackers exploiting vulnerabilities in their software, organizations have two choices:  They can fight the multi-headed hydra — or they can try to buy them off.  And thus was born the bug bounty.  Of course the situation is a bit more complicated than that, but ever since ​​Peiter C. Zatko — better […] The post HackerOne: Hacked from the Inside first appeared on IT Security Central - Teramind Blog ..read more

Whether businesses are grappling with rapidly changing market conditions, continued pandemic disruptions, geopolitical conflicts, or shifting workplace arrangements, threat actors are looking to take advantage of the moment to undermine network integrity or compromise data privacy.  In many ways, their efforts are bearing fruit. According to a recent industry survey, 66 percent of respondents indicated […] The post 3 Critical Elements of Effective Insider Risk Management first appeared on IT Security Central - Teramind Blog ..read more

The uptick in recent years in cyber attacks by rival state actors, primarily Russia and China but not only, as well as criminal groups, have pushed the US government to step up its effort to defend against these malicious actors.  While much of the focus has been on external actors, there has also been an […] The post 5 Effective Tips for Securing Government Agencies Against Insider Threats first appeared on IT Security Central - Teramind Blog ..read more

In a recent report by the incident response giant Mandiant, which was purchased by Google in March, their researchers found that 2021 was a record year for the total number of 0-day vulnerabilities disclosed and exploited. According to their findings, their team identified some 80 0-days exploited in the wild. At the same time, Google […] The post 0-Days are on the Rise and that Means a Lot More Work for SOC Teams first appeared on IT Security Central - Teramind Blog ..read more

Verizon’s Data Breach Investigation Report for 2022 (DBIR) was recently released and it has some good news and it has some bad news when it comes to the risk of insider attacks.  First the good news, sort of. According to the DBIR, the vast majority of breaches continue to come from external actors (80% vs […] The post 3 Tips for Mitigating the Insider Threat Facing Government Organizations first appeared on IT Security Central - Teramind Blog ..read more

After consecutive pandemic years, companies and their employees are grappling with the consequences of disruption. Most notably, a once-in-a-generation pandemic coupled with social strife, geopolitical conflict and other factors has helped usher in an unprecedented reprioritization and restructuring of the workforce as people reimagine their professional lives in light of their lived experiences during the […] The post Three Ways To Help Employees Thrive In The New Normal first appeared on IT Security Central - Teramind Blog ..read more

While the stakes for private sector organizations differ drastically from governments that have to protect state secrets like hacking tools or nuclear technologies, businesses do have their own needs for Data Loss Prevention measures. Organizations can face the threat of data like their intellectual property (IP), source code, customer details, Personally Identifiable Information (PII), financial […] The post From Behavior Analytics to Security Education: 4 Ways Organizations Should Mitigate Modern Insider Attacks first appeared on IT Security Central - Teramind Blog ..read more

Uncertainty has abounded for businesses in the past 24 months. Whether they adapted to operational transitions, supply chain disruptions, or hiring challenges, unpredictability was par for the course. Assessing this unpredictable business landscape, The New York Times notes, “at companies large and small, new and old, public and private, 2021 was a year that played […] The post 3 Employee Metrics Worth Measuring in 2022 first appeared on IT Security Central - Teramind Blog ..read more

Working in a Security Operations Center (SOC) is like working in an emergency room on a weekend shift at 2 AM. The steady stream of new alerts screaming for attention and combined with the lack of enough trained personnel make it a miracle that it all seems to work through on a string and a […] The post Training Will Be Key to Retaining SOC Analysts first appeared on IT Security Central - Teramind Blog ..read more

When it comes time for an employee to leave your organization, you want it to be on friendly terms. But there are definitely limits to how friendly you want folks to be after they leave. Especially when it comes to accessing materials from their old position for their new endeavors. In a recent bizarre case, […] The post How to Reduce the Risk of Former Employees Coordinating with Insider Threats first appeared on IT Security Central - Teramind Blog ..read more