Insider Threats, Misused Privileges are
Leading Causes of Security Breaches
Lieberman, President & CEO, Lieberman
Business recently released its 2010 Data Breaches and
Investigations Report with some fascinating results.
According to the report, 48% of data breaches are caused by
insiders, up from only 22% last year.
surprisingly, the research also identified the misuse of
privileges as the top threat vector for the year. Even less of
a surprise is the fact that database servers were the top target in
terms of both the number of breaches (25%) and volume of records (92%).
interest to me - and now hopefully to you - was the following incident:
"THE SLIPPERY SLOPE OF INSIDER
MISCONDUCT: Verizon investigated a case in which a recently
terminated system administrator stole sensitive data from his former
employer as well as personal information belonging to its customers. He
then attempted to blackmail the organization and threatened to go
public with the information if they did not meet his demands.
Obviously, not a good situation but what makes it worse is that it
might have been avoided with a few changes in policy and practice. On
several occasions in the past, this employee had been cited for IT
policy violations and inappropriate behavior. There were harassment
complaints against him filed by other employees. Finally, when he stole
a co-worker’s password for a popular social networking site and
modified it with slanderous content, he was let go. Unfortunately, his
generic administrative account was given to his successor with a minor
password change (i.e., 'Password2' instead of 'Password1') and we’ve
already covered what happened after that."
an excellent example of what can and does happen if privileged
passwords are not properly managed. How are you managing your
report (and reports by other organizations such as DataLossDB
and the Identity
Theft Resource Center) states that public breach
disclosures were down significantly in 2009. The authors suggest that
the decline could have occurred because either the supply of stolen
data has outpaced demand, or law enforcement is becoming more effective
in capturing criminals.
In my opinion there could be a third, more ominous reason for the
decline in disclosures: the Verizon report states that discovery by
external parties – including third party-fraud detection, law
enforcement, and so on – dropped significantly in 2009. Perhaps
cybercriminals are getting better at covering their tracks.
Starting on page 59 the report offers conclusions and recommendations.
It was good to see that restricting and monitoring privileged
users was the very first recommendation. Fortunately privileged identity management software
can make this step very practical to achieve.
What do you think? Email me at: email@example.com.
Tip of the Month
Enrolling New Systems
with the ERPM/RPM Software Development Kit (SDK)
You bring new systems online in your
environment on an ongoing basis. To properly secure these systems the
minute they come online, you need to manage the administrative
credentials. Learn how you can do so easily with the Enterprise Random
Password Manager SDK in this five
Avenue of the Stars,
Angeles, CA 90067
New in Identity Week
commentary on our Identity Week blog this month includes:
have expanded our Channel Partner Program! Below is the new partner
we brought on board this month:
information on all our reseller partners, please visit our partners
- Aquion has joined our Partner
Program as a select partner. The company will market and support
Lieberman Software’s privileged identity management and security
management products throughout Australia, New Zealand and India.
Events / Press /
- ArcSight Protect 10
September 19-22, 2010. Washington, D.C. Lieberman Software is
the Diamond Sponsor of this
event. Attend Philip Lieberman's presentation on September 22 @ 10am.
Visit us in the CyberSecurity Hall!
- Windows XP: Widely Used, Widely Attacked.
Redmond Magazine. "The
growth will be explosive due to the pent up demand from Windows XP
users that have been excluded from the improvements in hardware and
software technologies due to the XP operating system's inabilities,"
said Phil Lieberman president and CEO of Lieberman Software. "We will
also be seeing ISVs exploiting more of the advanced user interface
features of Windows 7 and Server 2008 as they become the de facto
standard for desktops and servers."
Beta of Microsoft Security Essentials Released. Redmond Channel Partner. "This is
good news for consumers; bad news for McAfee and Symantec," said Phil
Lieberman, president of Lieberman Software. "Since most consumers do
not buy antivirus and antimalware software, this is a great example of
Microsoft stepping up as a responsible corporate citizen by providing
some basic free protection for those consumers that simply can't or
won't buy protection."
Your Defenses. Processor Magazine.
The process of evaluating your security defenses isn’t simply a device
for putting out fires or satisfying customer complaints about specific
system issues. These assessments are tied to a greater worth that
ensures that the entire business can operate as expected and that its
reputation remains intact.
Windows 7 Problems. Processor Magazine. “Given the very low cost of replacement
hardware that already includes Windows 7, it is generally a big mistake
to try to upgrade hardware and especially peripherals (except for
printers) that are more than three to five years old,” says Phil
Lieberman, president of Lieberman Software. “Most users should use the
64-bit version of Windows 7 with a minimum 4GB of memory."