Video Screencast Help
Search Video Help Close Back
to help

Information Unleashed

Showing posts tagged with malicious insider
Showing posts in English
The Enemy Within
fdesouza | 22 Aug 2012 | 0 comments

With all the headlines about criminals, hactivists (like Anonymous) and nation states stealing information from high profile companies, which group is responsible for the most data breaches?  To answer that question, and many others, Symantec and the Ponemon Institute teamed up to conduct the 3rd annual Global Cost of Data Breach Study [PDF], which looks at the trends and financial impact of data breaches on businesses around the world.

We released the results earlier this year and the answers surprised people.  In spite of all the headlines, insiders—employees, contractors and other people who have legitimately been given access to corporate information—were actually the leading cause of data breaches, accounting for...

Read more
Don’t Look to Anti-Hacking Laws to Protect your Company from Malicious Insiders
Tim_Matthews | 12 Jun 2012 | 1 comment

 

In a recent court case U.S. v. David Nosal, Judge Alex Kozinski ruled that the Computer Fraud and Abuse Act (CFAA), the nation’s anti-hacking law, applies to people accessing data by circumventing technological access barriers, but it does not extend to employees violating their employer’s restrictions on the use of that information. Under the new interpretation, an employee who has valid credentials to access company data and then misuses that data, however inappropriately, cannot be prosecuted under the CFAA. However, an employee who has valid credentials to access a company computer, but hacks into company data for which he does not have authorization can be prosecuted under CFAA.

The reason for the new interpretation, according to the ruling summary, was that using the CFAA to take action against employees that violate use restrictions could lead to prosecution...

Read more
What can you get for $500,000? Notification for one data breach
Tim_Matthews | 15 May 2012 | 0 comments

U.S. companies are paying more to notify people impacted by data breaches, according to the 2011 Cost of a Data Breach Study: United States. The average cost to notify victims of breach increased in this year’s study from approximately $510,000 to $560,000. At the same time, the average size of a breach is down 16 percent and the costs associated with the detection and escalation of data breach events declined as well, suggesting that companies may be more efficient in investigating data breaches.

So, if companies are better at detecting breaches and breaches involve fewer records, why are notification costs continuing to creep up?

The...

Read more
IT Predictions for 2012: A Q&A with Francis deSouza
Gina Sheibley | 09 Jan 2012 | 2 comments

 

In 2011, corporate information emerged as the most coveted asset in the cybercrime war, the vast amount of digital information in the world grew even more rapidly and the surge in mobile devices in the workplace added another layer of complexity for IT executives.

So what's next?  I sat down with Francis deSouza, Symantec's Group President of Enterprise Products and Services, to get a sense of the challenges CIOs will face in their quest to keep their information secure and accessible in 2012.  Following is a recap of our discussion including a few key predictions to consider as you plan for the year ahead: 

Question 1:Francis, you spend a lot of time with our customers.  What challenges do they face in the year ahead?

Francis deSouza: As...

Read more
Insider Data Theft: When Good Employees Go Bad
fdesouza | 12 Dec 2011 | 1 comment

In today’s business world, information is as valuable as cash. In fact, industrial espionage costs U.S. businesses more than $250 billion each year. This has organizations scrambling to shore up their defenses against all manner of outside attacks.  At the same time, companies of all sizes may be neglecting one of the most important perpetrators of intellectual property (IP) theft: their employees.

In order to assess this often underrated threat, Symantec asked forensic psychologists Eric D. Shaw and Harley V. Stock to examine various factors leading to insider IP theft. While most research is put into the development of technology-based security measures, their white paper focuses on the behavioral and environmental issues that can lead to theft of corporate data.

Who Is the Typical IP Thief, and What Are They Stealing?...

Read more