CIO Vs. CSO: Allies Or Enemies?
4/14/2014In the wake of the Target breach it's clear that the CIO and CSO must have clear boundaries of responsibility and equal representation in the board room.
Post a Comment
Author
Profile of Eric Cole
Founder & Chief Scientist, Secure Anchor Consulting Member Since: 4/21/2014Author
News & Commentary Posts: 15
Comments: 2
Dr. Cole has 20 years of hands-on experience in information technology with a focus on building out dynamic defense solutions that protect organizations from advanced threats. He has a Master's degree in computer science from NYIT and a Doctorate from Pace University, with a concentration in information security. He the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat, and holds more than 20 patents. He is a member of the Commission on Cyber Security for the 44th President and is actively involved with the SANS Technology Institute (STI). He also served as CTO of McAfee and Chief Scientist for Lockheed Martin.
Articles by Eric Cole
In the wake of the Target breach it's clear that the CIO and CSO must have clear boundaries of responsibility and equal representation in the board room.
Post a Comment
Risk Management: Asking The Right Questions
10/8/2012In order to make sure an organization's security is properly aligned with risk, it is critical that organizations focus on asking the questions that really matter
Post a Comment
Is Your Organization Doing Good Things Or Doing The Right Things?
10/4/2012Fixing vulnerabilities that are a real threat is the right thing to do
Post a Comment
Taming the Beast: Preventing/Detecting Insider Threat
11/27/2010While many companies deal with the problem of insider threat, there are some practical things that can be done to both prevent and detect insider threat. Always remember, prevention is ideal but detection is a must.
Post a Comment
Profiling The Evil Insider
11/16/2010How to sniff out a rogue insider
Post a Comment
Understanding The Mindset Of The Evil Insider
10/4/2010Technology is typically going to serve as the basis for insider threat attacks. One of the major key technology areas is information extraction, and it must be clearly understood so an organization can try to stay one step ahead of the malicious insider.
Post a Comment
Why The Insider Threat Is Ignored
9/28/2010The insider threat is complicated, and most organizations do not fully understand the magnitude of the problem. There are three main reasons why the insider threat has been ignored: Organizations do not know it's happening, it's easy for organizations to be in denial, and organizations fear bad publicity.
Post a Comment
Different Flavors Of The Insider Threat
9/22/2010There are different categories of insider threats, based on the level of access the employee has. There are four types: pure insider, insider associate, insider affiliate, and outside affiliate. Each of these categories also has different motives. Understanding each is a key to building proper preventive and detective defenses.
Post a Comment
Missing The Insider Threat
9/20/2010"I trust everyone. It is the devil inside that I do not trust" is a great line from the movie "The Italian Job." Every single person has the potential to do harm if the right circumstances occur. Yes, this includes employees.
Post a Comment
Are We Missing the Point?
8/29/2010Recently there has been a lot of talk about nuclear weapons, terrorism, and peace treaties. At the end of the day, the question remains: how do we protect a country and its citizens from attack? If that is really the purpose of the summits and the meetings, why isn't cybersecurity part of the discussion -- more importantly, the insider threat?
Post a Comment
Advanced Persistent Threat: The Insider Threat
8/16/2010APT is the buzzword everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give. But people fail to realize that the vulnerabilities these threats compromises are the insider -- not the malicious insider, but the accidental insider who clicks on the wrong link.
Post a Comment
A Real Insider Threat Story
12/8/2009I was sitting at my desk when my phone rang. I answered, and it was a large pharmaceutical company that was interested in consulting services. It had noticed a trend with one of its foreign competitors. Every time it went to release a new product (in this particular case a new drug), one of its competitors would release a similar drug with a similar name, several weeks before it, beating it to market.
Post a Comment
Stopping Insider Attacks
11/12/2009There is no single thing you can do to prevent an attack from the inside. The concept of defense-in-depth applies here as it does to all areas of security. No single solution is going to make you secure. Only by putting many defense measures together will you be secure, and those measures must encompass both preventive and detective measures.
Post a Comment
Measuring Insider Risk
11/11/2009The key thing to remember when dealing with insiders is they have access and, in most cases, will exploit the weakest link that gives them the greatest chance of access, while minimizing the chances that they get caught. Why try to break through a firewall and gain access to a system with a private address when you can find someone behind the firewall with full access to the system?
Post a Comment
Insider Threat Reality Check
11/9/2009Organizations tend to think once they hire an employee or a contractor, that person is now part of a trusted group of people. Although an organization might give an employee additional access that an ordinary person would not have, why should it trust that person?
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Name that Toon: Risky Busine
Literalist at work, boss said do the job hanging from the ceiling.
{
You want anything else boss, Yes do the ...
Latest Comment: Name that Toon: Risky Busine
Literalist at work, boss said do the job hanging from the ceiling.
{
You want anything else boss, Yes do the ...
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17317
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
From DHS/US-CERT's National Vulnerability Database CVE-2018-17317
PUBLISHED: 2018-09-21
FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or domain parameter to /ww...
CVE-2018-17320PUBLISHED: 2018-09-21
An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadmin_aaddpost action.
CVE-2018-17141PUBLISHED: 2018-09-21
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
CVE-2018-17173PUBLISHED: 2018-09-21
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
CVE-2018-17174PUBLISHED: 2018-09-21
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This