Chinese-born Greg Chung seemed to Rockwell and Boeing like any other loyal, reliable, hardworking engineer. Little did his employers know, Chung was collecting secret information that would help his home country develop its own space program.From 1979-2006, he stole hundreds of thousands of sensitive documents about the space shuttle, Delta IV rocket, and C-1 military cargo jet from his employers and handed them over to the Chinese government. For years, he traveled to China under the guise of g ...

Data loss prevention software is designed to detect data leakage and exfiltration by keeping an eye on sensitive data while it is in use, in motion, and at rest. There’s a reason these tools exist. In 2017, about 3 million records were stolen every day. While only the biggest data loss incidents, like the Equifax breach, make the headlines, it’s a risk that applies to businesses of all sizes, types, and industries.Keep Reading

When organizations consider the threat posed by insiders, often they think first of malicious intent. How will we protect ourselves against disgruntled ex-employees, or current employees who have ulterior motives? What if one of our partners or vendors decides to steal data from us on purpose?These are valid instances of insider threat, but they aren’t the only ones. And, in fact, the unintentional insider threat can be equally risky to the organization and is unfortunately quite common, accou ...

We're addicted to podcasts. These days there is such a broad range of really good cybersecurity content available in podcast form (for free might we add), that it's hard to pick just one! We polled our internal security experts to find out their favorites, and here’s what they recommend you tune into!Continue Reading

Yesterday we learned about two hardware bugs dubbed Meltdown and Spectre that allow normal, low privileged user programs such as database applications or JavaScript in web browsers to access what the kernel memory has been designed to hide.As patches are becoming available, organizations will experience a massive impact on performance. Even worse is the security risk associated with the business’s now publicly exposed information.Continue reading...

It’s the first week of 2018, and we can’t help but reflect on all the security news that has unfolded over the last year. As we noted in our post last week, The 5 Biggest Data Breaches of 2017, it seems like countless top-name organizations fell victim to massive data breaches – whether due to malicious hackers or to naïve users who unknowingly helped attackers. It’s important that companies take the proper steps and implement effective processes to help prepare for, mitigate, ...

From Vault 7 to WannaCry to Equifax, we’ve seen large scale security incidents in the last year that have left sensitive data exposed. Malicious hackers have found new ways to compromise classified systems and information, and naïve users continue to put organizations at risk. As we wrap up 2017, we wanted to reflect on this year's biggest security breaches in the hopes that history does not repeat itself.Check out our look back at the top 5 cybersecurity events that have unfolded t ...

Forces of stormtroopers, councils of Jedi, and squadrons of alliance pilots will flock to theaters to watch the latest installment in the Star Wars series – The Last Jedi. Fans will light up the internet with blogs, fan fiction, speculation, and analysis of every frame of the movie.Cybersecurity experts are no different. With each addition to the expanding Star Wars movieverse, IT security bloggers use the Galactic Empire (now the First Order) and the Rebel Alliance as analogs for compani ...

Gatepoint Research recently surveyed more than 100 executives in IT and security roles to understand trends in insider threat management (details of survey responder roles, industries and firm size is included at the end of this post).So what did we learn from the survey? The findings demonstrate organizations’ concerns about insider threats, particularly data exfiltration. The research also sheds light on the challenges organizations face in mitigating these threats. See the results…

For years, Data Loss Prevention (DLP) has been the first line of defense against data leaving the organization’s four walls. DLP attempts to classify data, track data, and prevent it from going leaving the organization via unauthorized channels. Research shows that successful DLP implementations are very rare. Organizations continue to struggle with heavy DLP agents on the endpoint, the time consuming data classification process, ongoing maintenance, and disconnects between data owners and DLP ...