Browse archive

Latest news

Targeted data stealing attacks using fake attachments

A look into the EC Council hack

New Mac spyware signed with legitimate Apple Developer ID

Ransomware adds password stealing to its arsenal

"Get free followers" scam targets Instagram users

Thoughts on the need for anonymity

Four LulzSec hackers handed prison sentences

The New Yorker launches anonymous dead-drop tool

Researchers reveal OpUSA attackers' MO

Info-stealing Dorkbot worm spreading on Facebook

Review: The Hacker's Guide to OS X

Private messages of Bloomberg clients end up online

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

User activity monitoring crucial to minimizing security risks

by Mirko Zorz - Thursday, 5 April 2012.

In this ever evolving threat landscape, willing or unwitting insiders often play a key role in security compromises of organizations.

It used to be that an organization's staff were people who knew each other for years, who interacted every day, who met and spoke in person, who had common incentives and goals.

Now, an organization's staff often includes trusted insiders that are employed by contractors, the staff of ISPs and cloud app services - people who you actually don't know, but you are expected to trust.

In this podcast recorded at RSA Conference 2012, Matthew Ulery, Director of Product Management with NetIQ, talks about need for user activity monitoring that involves your contractor's and various services' employees as well as your own.

He also offers a couple of real world examples of how this trust can be abused and this abuse prevented by managing and controlling the rights that every user has within the organization, and doing so constantly and repeatedly.

Press the play button below to listen to the podcast: