Get Pricing Start Free Trial

Insider Threat Blog

NISPOM Conforming Change 2
Posted on Thursday, June 2, 2016 by Gaby Friedlander
NISPOM Conforming Change 2 was released May 21, 2016: The Department of Defense published Change 2 to DoD 5220.22-M, “National Industrial Security Operating Manual (NISPOM).” NISPOM Change 2 requires contractors to establish and maintain an insider threat program to detect, deter and mitigate insider threats. Specifically, the program must gather, integrate, and report relevant and credible information covered by any of the 13 personnel security adjudicative guidelines that is indicative of a... Continue Reading →
Posted on Wednesday, May 25, 2016 by Matt Zanderigo
You’ve just performed a digital investigation of an employee and determined they are an insider threat. Now what do you do? Here’s a quick overview and sneak peek at our webinar about how to perform an employee investigation with Human Resources (HR). We’ll show you: How to provide an insider threat incident rating to determine the correct action How to prepare for an insider threat discussion with an employee or contractor How to proactively interview an Insider Threat How to work with your HR... Continue Reading →
Posted on Wednesday, May 25, 2016 by David Mai
ObserveIT earns yet another industry achievement for its ability to help enterprises address and solve security risks. We are proud to announce that International Data Corporation (IDC) has named ObserveIT an IDC Innovator in the behavioral analytics and identity awareness market. ObserveIT's Insider Threat Management platform is a proactive security solution that keeps insiders (employees, vendors, etc.) in policy, and when someone acts out of policy, records the session automatically to speed... Continue Reading →
Posted on Monday, May 23, 2016 by Lorenzo M. Rodriguez
We witness daily how causes such as poor planning, little monitoring by senior leadership, lack of budget allocated to security, or negligence of system administrators, among others, are why security incidents are seemingly always in the news. Here, organizations end up hurting both the assets thereof, and their clients, generating serious image problems. Therefore, many companies end up putting patches on their cyber security systems, buying more and more perimeter security solutions, which is... Continue Reading →
Phishing Emails
Posted on Tuesday, May 10, 2016 by Matt Zanderigo
As much as Insider Threat involves malicious employees trying to steal data, trade secrets and other information, many forget that the Insider Threat is also comprised of employees who make simple mistakes; mistakes that can cost your company millions of dollars. These mistakes include responding to Phishing Emails and Pretexting Emails.  For context, a Phishing Email (also referred to as SpearPhishing) tries to get an employee to click on an attachment, which generally has some type of malware... Continue Reading →
Unintentional Insider Threat
Posted on Thursday, April 28, 2016 by Matt Zanderigo
Traditionally, the term “insider threat” invokes images of malicious employees lurking in the shadows of an office attempting to steal company secrets or bring down the system. The reality is that this type of evil insider is infrequent at most companies, with instances of these types of threats occurring once in a blue moon. The real threat and biggest risk to confidential data is the negligent employee, more commonly categorized as the unintentional insider threat. ObserveIT recently held a... Continue Reading →
Gartner Logo Employee Monitoring
Posted on Monday, April 25, 2016 by Matt Zanderigo
A couple of weeks ago, Gartner released a research note on the employee-monitoring market, in which ObserveIT was included as one of the vendors. This paper defines the market and presents their key findings and recommendations for organizations considering deploying an employee-monitoring solution. They describe it like this: CISOs should coordinate enterprise use cases for employee monitoring to select and implement EM products and services that help with insider threat mitigation, regulatory... Continue Reading →
Unintentional Insider Threat
Posted on Wednesday, April 20, 2016 by David Mai
When a person, company or news organization mentions the term Insider Threat, images of shadowy employees, spies, or black-market transactions may come to mind. Even Wikipedia defines Insider Threat as, “a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud,... Continue Reading →
Posted on Friday, April 15, 2016 by Matt Zanderigo
Everyone wishes their organization could be more secure. With the number of hackers, Insider Threats and other threats to your cyber security out there, you can always find a new security practice to enact. For this post, we're not to telling you about encrypting data or putting up firewalls. We’ll assume you already have those implemented. These ten best practices for 2016 are items you may not have considered, but definitely should. Take a look at the list and see if any of these best... Continue Reading →
It’s Time to Upgrade the Airport Access Control and Badging System - What Questions Should I Ask?
Posted on Thursday, April 14, 2016 by Jeffrey Price, CM, CPP, CASP, CHS-II
Airport security managers throughout the United States are responsible for the computerized physical access control systems (PACS), which allow thousands of workers into secure areas of the airport on a daily basis. Many of these systems were upgraded shortly after 9/11, but now time is coming for the next upgrade. What questions should airport security managers ask potential vendors about how their systems are addressing today’s evolving cyber vulnerabilities?  The threat to aviation continues... Continue Reading →


Try it Now
Contact Us