Your people are your biggest asset, but also your biggest risk. Do you have the ability to detect, investigate, and prevent a costly insider threat incident, or know how to recognise one when it occurs?
The Insider Threat Level series is here to keep you up-to-speed on the numerous examples of insider threat incidents, trends, and best practices caught in the news, so you can be better prepared for anything coming your way.
If you missed the last Insider Threat Level, we covered: Military P.I.I Data Exposures, Apple Self-Driving Cars and more.
This week, we’re taking a look at: the potential LabCorp data breach, the biggest threat to business, a $33m Series B round, and the Singapore Health Services data breach.
What’s Happening
- Possible Data Breach at LabCorp
Source: FortuneAccording to an official filing with the Securities and Exchange Commission, medical diagnostic company LabCorp has reported “suspicious activities” on its network. The company took down certain systems in response to the July 14th event, but is still actively investigating the situation. It has not yet been determined whether any unauthorised data access or transfers occurred.
Hot Take:
The high potential for healthcare-related insider threats or data breaches is no longer news, thanks to an influx of reported incidents over the past few years. So why are we not seeing better returns on the data security message that permeates the healthcare / tech conversation?Our take? It’s due to a lack of visibility, planning, and cultural focus on data protection.If organisations have better visibility into activity coming in from outside their networks, as well as visibility into user activity from potential insider threats (employees, contractors), they should be able to proactively come up with incident response plans and coachable moments for improving overall cybersecurity understanding within their organisation. In other words: you have to be able to balance people, process, and technology in order to improve security!
- Once Again, Insider Threats Named “Biggest Threat to Business”
Source: ITProPortal
A new report from cybersecurity peer CyberArk has announced that out of 1,300 IT security decision makers, about 51% believe that the insider threat is one of the greatest threats to their organisations.They also reported that the number of privileged access given to insiders on their local devices has increased from 62% to 87% over the last two years.
Hot Take:We’re a little insider threat focused around here, if you haven’t noticed. But our reasons are pure: organisations historically have focused on the external threats to their systems, files, and data! Thankfully, times are changing, and organisations are taking a more holistic approach to cybersecurity which includes looking both outward and inward.This most recent naming of insider threats as the “biggest threat to business” is just one of many wake-up calls to the high cost potential of insider threat incidents. The time for action is now! - ObserveIT Closes $33m Series B Round with Support from NightDragon Security
Source: ObserveIT
The leading insider threat management provider, ObserveIT (hey, that’s us!), closed a $33 million Series B funding round with participation from Bain Capital Ventures, Sprint Lake Equity Partners, and NightDragon Security. - (FEATURED) Three Indicators Your Privileged Users May Be Insider Threats
Source: ObserveITHow can you tell if a privileged user, someone who you trust with valuable systems, data, and files access, is a high potential insider threat risk? We’ve put together a list of three major insider threat indicators to look out for, in this quick, 3-minute read. - 1.5 Million Exposed by Singapore Health Services Data Breach
Source: DarkReading
According to news reports, the personal information associated with over 1.5 million Singapore Health Services patients has been compromised in a data breach. The primary identified focus: the medication information for Singapore’s Prime Minister, Lee Hsien Loong.
Hot Take:We often hear about state-sponsored threats, and the risk of healthcare data misuse, but never the two put together. If any single individual has questioned the importance of data security or privacy, this is the type of incident that should cause them to pause and make them wonder how their data is being collected, used, and protected.
How do you feel about the Insider Threat Level?
Did you find this insider threat news recap particularly interesting? Want to see additional coverage? Let us know by tweeting @Proofpoint.