This paper is a theoretical study looking at three famous cases of insider attacks that occurred over the past six years. The paper defines the facts of the attacks and information on the attackers. It then theorizes how a behavioral analytics engine could have been used to detect and prevent these attacks. Although theoretical, the analysis is focused on technical facts rather than on opinions, so that objectivity is maintained. All facts referenced in this document are publically available. No confidential or classified data is used in this document.

This report offers insight into the Cylance methodology of endpoint protection.

Working with some of the world’s leading online brands, CyberInt takes a look at the fraud threats that retailers receive in the cyber world.

This survey shows many American consumers are in favor of regulations designed to give them greater control over how businesses use their personal data. 78% of them were aware of the Facebook data-sharing scandal, in which political consultancy firm Cambridge Analytica gained access to private information on more than 87 million Facebook users. 94% reported being generally concerned about their data and 57% said that the scandal made them even more concerned about their data privacy and security than they were before. The survey results show that many American consumers are open to regulations designed to give them greater control over how businesses use their personal data. 69% of those surveyed would like to see privacy laws like the European Union’s General Data Protection Regulation (GDPR) enacted in the US.

Microsoft has come across an evolution of PLATINUM’s file-transfer tool, one that uses the Intel® Active Management Technology (AMT) Serial-over-LAN (SOL) channel for communication. This channel works independently of the operating system (OS), rendering any communication over it invisible to firewall and network monitoring applications running on the host device. Until this incident, no malware had been discovered misusing the AMT SOL feature for communication.

Given that the most important information resides in databases, organizations are increasingly turning their focus toward databases security technologies. To defend databases from attackers using stolen credentials, the industry is beginning to adopt a new security paradigm based on machine learning and behavior analysis. This white paper discusses that paradigm shift and the issues that go along with it.

This report provides a series of recommendations for the reform of Ukraine’s security and defense institutions. It covers a wide range of topics including cyber warfare. This research was under- taken in response to a request by the presidential administration of Ukraine and in participation with the National Security and Defense Council and sponsored by Ukraine Investment Alliance, a 501(c)(4) foundation. Research for this report was completed in the fall of 2015. Although some minor updates have been made, the analysis predomi- nantly reflects the situation as of that time.

Based on survey responses from more than 800 senior business managers and IT professionals in major global markets, the global edition of this report provides present-day insight an opinion not the host of data breach threats that enterprise organizations face on a daily basis.

This is the 2nd ebook from The New Stack’s series focused on the Kubernetes ecosystem. Unlike the 1st ebook that centered on the state of the Kubernetes ecosystem, this ebook shines a light on answering the question: How well does Kubernetes work in production?

In this edition of Risk and Regulatory Outlook a Deloitte subject matter expert outlines the situation, specifies existing or prescient change, and suggests practical steps in each of the nine key areas of regulatory change we focus on.

This report is based on the results of an independent survey conducted by market research specialist Vanson Bourne.

This is a short guide for helping organizations become SOC 2 compliant.

This paper is intended to give a high-level view on the insider threat for those looking to implement a defensive programme. It considers the types of attack that may take place and some of the common weaknesses that aid insider attacks. It also covers some of the policies and controls that can be implemented to detect, deter or defend against the insider threat. This paper is intended to be a summary, however, the final section details further reading and resources that provide more in-depth information.

This study is a summary of responses from over 400 cybersecurity professionals to provide a comprehensive snapshot on the evolving threat landscape, insider and external threats, preventative measures, threat monitoring and data collection, threat intelligence, threat detection, threat hunting, threat analytics, incident response, and incident recovery.

This paper was written to understand understand how organizations qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident.

Ever wondered how JWT came to be and what problems it was designed to tackle? Are you curious about the plethora of algorithms available for signing and encrypting JWTs? Or are you interested in getting up-to-speed with JWTs as soon as possible? Then this handbook is for you.

The 2016 Thought Leadership programme convened by Corsham Institute, in conjunction with RAND Europe and St George’s House, examined a number of crucial dimensions of our connected society. The programme facilitated the gathering of a diverse set of experts and influential leaders from various sectors to discuss challenges and opportunities, share experiences, and build a network. To give a brief glimpse of these discussions, we have produced this Key Findings report to provide participants, stakeholders and interested parties with a strong sense of both the subjects covered during our deliberations, as well as some of the issues, which still need to be tackled going forward.

This article discusses three different types of careless users who cause cybersecurity incidents.

This is a report based on a survey that seeks to understand how companies look at cloud security.

This article provides exclusive insight into North Korea’s Anti-Virus program.

This Report takes a look at the top 5 data security threats and analyzes what a company can do about them.