From the Office of the CTO: Building Effective Insider Threat Programs

Three Short Stories To begin this latest post and in order to properly frame the Insider Threat conversation, rather than use obscure statistics in an effort to convince you that you should be suspicious of all your employees and coworkers, I think it is much more effective to tell you a few stories. None of these stories come from my clients and none of this information is privileged. You can…

The Importance of Data Security and Insider Threat Programs in Mergers and Acquisitions

Mergers and acquisitions have become an important part of many organizations’ growth strategy. In most large transactions, countless hours are spent on due diligence, whether that due diligence is related to the financial health of the company, compliance with applicable regulations, or a variety of risk factors. Refreshingly, cybersecurity has emerged as a risk factor that is getting significant attention as part of the due diligence process. However, there is…

Why Identifying and Protecting Critical Information Assets Should be a Foundational Element of your Security Program

The digital world has become a scary place, one which many people fear, and one in which few organizations feel they are adequately protected. Every day, there is more news about breaches, new threats, zero day attacks, adversarial groups, and a barrage of new technologies that claim to solve all of these problems. Some of the technologies are very good, logical extensions to the security platforms we already have in…