The Insider Threat Denial Syndrome

Posted by Eran Cohen on May 18, 2017 12:01:22 PM

I believe there is a “denial syndrome” that exists in cyber security. I’m not referring to the “It won’t happen to me” concept, I’m pointing to a deeper and more dangerous belief. In psychology, denial happens when we are uncomfortable with the facts of reality and instead of dealing with it we reject it, insisting it is not correct.

Read More

Topics: Insider Threat, User Risk

Are Local Administrator Passwords a Security Risk In Your Organization?

Posted by Avi Kama on Feb 24, 2017 12:32:58 PM

On every Windows machine, you will find there is a local administrator user, usually descriptively named “Administrator.” This user exists by default. It is there because the machine requires at least one administrator when it is first installed. For the most part, machines in an organization are managed by the domain administrator (once the machine is added to the domain, the domain administrator is also an administrator for that machine), and the local administrator is used in times of “crisis” - when there’s no network access, but physical access is available.

Read More

Topics: Passwords, Privileged Users, User Risk

The Dangers of Bending the Security Rules to Get Things Done

Posted by Heather Howland on Jan 20, 2017 1:58:56 PM

The other day I was speaking to a good friend of mine. He’s an executive consultant working for a large Fortune 1000 organization. As we are talking I realize that he has access to a lot of highly sensitive information that if exposed could be rather damaging to the company. He was lamenting to me how he needed to get access to some data on one of the servers but IT blocked him from accessing it until he completed a mandatory online “IT Security Awareness” training.

Read More

Topics: User Behavior, Risk, ueba, User Risk, Credential Compromise

The Great IT Security Skills Shortage

Posted by Ajit Sancheti on Jun 6, 2016 5:01:08 PM

In a recent article I wrote for InfoSecIsland, I talk about the challenge that many organizations today struggle with around IT Security staffing. There are countless statistics highlighting this growing problem. 

Read More

Topics: CISO, User Risk