In one of the most sobering presentations about the current state of security delivered during (ISC)² Security Congress 2021, security expert Lisa Forte said no matter how many protective measures an organization takes, it can never achieve zero risk. Insider threats are always a possibility.
Forte, co-founder of Red Goat Cyber Security, used her keynote speech on the third and final day of Security Congress to drive home the point that insider threats have gotten harder to identify. Not only does technology make it easier to steal data, bad actors also can manipulate insiders into becoming unwitting spies. And that’s on top of those insiders who are willing collaborators.
To minimize risk, Forte said companies should take a number of measures, including training, monitoring, and instituting whistleblowing policies that encourage employees to report suspicious behaviors.
To illustrate how corporate spies operate in the digital age, Forte told the story of a U.K. scientist, John Buckingham, who was working at a lab and ended up sharing privileged information with his Bulgarian girlfriend, Sveti. The girlfriend turned out to be a spy who persuaded Buckingham to upload what was supposed to be a video of her dance performance so he could give her feedback.
After attempting to download the MP4 file with his iPhone, Buckingham was instead talked into using an older computer in his lab, which presumably had fewer malware protections than more updated machines. “Unbeknownst to John, the video was perhaps a little less MP4 and a little more malware,” Forte said.
The lab systems became infected, Buckingham was inte ..
Support the originator by clicking the read the rest link below.
