Tag Archive for: Assess

State Looks to Better Assess Vendor Security – Route Fifty




The 5-Question Test to Assess Your Readiness to Manage Insider Threats


An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged accounts, and who misuses this access. Sometimes it is an outside attacker who gains credentialed access and waits for the right time to strike. In both cases, traditional security measures tend to focus on external threats and are not always capable of identifying an internal threat from inside the organization.

A paper written by Forrester Research in late 2021, Insider Threats Drive Data Protection Improvements, revealed that 58 percent of sensitive data security incidents are caused by insider threats. This report highlighted that nearly a third (31 percent) of firms surveyed do not believe insiders are a substantial threat, and suggests this is a principal reason why insider threats make up such a high proportion of security incidents.

While company leadership teams acknowledge that insider threats pose some risks, they don’t generate the level of urgency required to manage this risk effectively. This failure has a cascading effect; fewer than 30 percent of firms surveyed say they have an insider risk management strategy or policy. It is understandable that many organizations focus on perimeter and endpoint first. Strong network and endpoint security, combined with vulnerability management lifecycle toolsets and a mature security operations center, are key to reducing overall risk. However, with insider events occurring more often than external ones, according to the report (58 percent vs. 41 percent), a more effective data security strategy vis-a-vis insider threats is needed.

There are steps organizations can take immediately that will mitigate some of the risk posed by insider threats. Some are straightforward, others will require some planning (not to mention board, team, and/or departmental buy-in). Take this five-question test to find out how well you currently manage insider threats.

1. Do you use multi-factor authentication (MFA)?

Multi-factor authentication cross-verifies privileged users with two different…


Intelligence Officials Will Assess Security Risks From Mar-a-Lago Documents


WASHINGTON — U.S. intelligence officials will conduct a review to assess the possible risks to national security from former President Donald J. Trump’s handling of classified documents after the F.B.I. retrieved boxes containing sensitive material from Mar-a-Lago, according to a letter to lawmakers.

In the letter, Avril D. Haines, the director of national intelligence, informed the top lawmakers on the House Intelligence and Oversight Committees that her office would lead an intelligence community assessment of the “potential risk to national security that would result from the disclosure” of documents Mr. Trump took with him to his private club and residence in Palm Beach, Fla.

In the letter, which was obtained by The New York Times, Ms. Haines said her office would work with the Justice Department to ensure that the assessment did not interfere with the department’s criminal investigation concerning the documents. The review will determine what intelligence sources or systems could be identified from the documents and be compromised if they fell into the wrong hands.

Ms. Haines’s letter, dated Friday, was reported earlier by Politico. It came after the leaders of the Intelligence and Oversight Committees asked her on Aug. 13 to conduct an “immediate review and damage assessment” in the wake of the F.B.I.’s search of Mar-a-Lago, during which federal agents recovered 11 sets of classified documents.

On Friday, the Justice Department released a redacted version of the affidavit used to obtain the search warrant for Mar-a-Lago. That document included the revelation that Mr. Trump had retained highly classified material after leaving office, including documents related to the use of “clandestine human sources” in intelligence gathering.

Representatives Adam B. Schiff, Democrat of California and the chairman of the Intelligence Committee, and Carolyn B. Maloney, Democrat of New York and the chairwoman of the Oversight Committee, issued an approving statement in response to Ms. Haines’s letter.

“The D.O.J. affidavit, partially unsealed yesterday, affirms our grave concern that among the documents stored at Mar-a-Lago were those that could endanger human…


Cyber Experts Scramble to Assess Scope of ‘Hack of a Decade’



US government cyber experts are furiously working in secure offices around the world, scouring computer traffic to find out which federal systems were invaded in the sweeping cyber-espionage attack that the FBI warned this week is “important and ongoing.” Suspected Russian hackers have broken into sensitive US government computer networks, from the Pentagon to the Department of Energy, as well as US private companies, poking around and likely reading emails and collecting data.

The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security called the attack, which began in March or possibly sooner, “a serious risk” to the US government. Experts from both the government and US private companies compromised in the attack are taking entire sections of their computer networks offline or quarantining them for a deeper forensic dive to find out what was copied or taken, and whether the hackers left behind malware code.

The hackers used a little-known but widely used software program called Orion, created by cyber company SolarWinds, whose client list includes the Office of the US President, the Pentagon, NASA, NSA, all five branches of the US military, and most of the Fortune 500 companies, including the ten largest US communications companies.

The Austin, Texas-based company then deleted its customer list from its website and reported that the hack may have affected some 18,000 customers. The company says it “has been informed that the nature of this attack indicates that it may have been carried out by an outside nation-state” and is encouraging customers to update their systems to remove the threat. The company did not immediately respond to the request for comment. CISA referred to the attackers as “a patient, well-resourced and focused adversary,” adding that the Orion software vulnerability was not the only way it attacked, but refused to share further details.

Since it was first reported by Reuters on Sunday, the known size of the hack has been growing every day. So far, government agencies, including the Ministries of Trade and Energy, are among those confirmed to be…
