ICFE eNEWS #19-21 - June 24th 2019
Intellectual Property & Trade Secrets - Gone In 60 Seconds
What your company spent years to develop can be lost in an
instant at the hands of "Just
1 Malicious Employee",
with the click of a mouse. The continued incidents of employee
theft, intellectual property and other malicious actions, paint
a dark picture of what employees do when they are disgruntled,
moving on to a new job, are under financial pressure, or trying
to live a life style beyond their means, and may find a strong
incentives to steal from their employers.
Detecting and mitigating against Insider Threats is one of the
most difficult challenges for companies, organizations, and
governments. In fact, behind phishing, it is most often ranked
as one of the top cyber security challenges by CISO's and CIO's.
External Hackers are not the only threat your business or
organization may be facing. One of your biggest risks comes from
your own employees. A recently published Harvey Nash / KPMG survey of
nearly 4,500 CIOs and tech leaders globally, finds
that the Insider Threat problem is the fastest-growing one of
Every year, the comprehensive Verizon Data Breach Investigations
provides the industry with a deep dive into the latest trends in
cyber security incidents. The 2019 report found that Insider
Threat incidents have been on the rise for the last four years.
This year's report also shows that 34% of
all breaches happened as a result of Insider Threat actors.
More than any other industry, healthcare's breaches are
overwhelmingly caused by insiders, with nearly 60% tied to
Inside actors. Healthcare is the only industry where
insider-caused breaches outnumber external attack vectors
Numerous other reports and incidents related to Insider Threats
provide clear evidence that malicious employee actions can be
very costly and damaging to organization. Posted on the National
Insider Threat Special Interest Group and
Threat Defense Group web
sites are some eye opening reports and incidents related to the
Insider Threat problem.
Insider Threat Has Many Definitions
The Insider Threat problem is not just about stealing an
organizations data. The threats employee may pose to an
organization can be vast. The importance of defining what
constitutes an Insider Threat in your organization is critical.
The definition of Insider Threats is board, and goes far beyond
what compliance regulations define as Insider Threats.
Which Of These Are Concerns To Your Organization?
• Employee Threats (To Include; Contractor / Trusted Business
• Disgruntled Employees / Job Jumpers
• Bullying Turns Into Workplace Violence
• Sexual Harassment Turns Into Workplace Violence
• Divided Loyalty Or Allegiance To U.S. / Terrorism
• Espionage (National Security, Economic, Industrial, Corporate)
• Data Theft (Trade Secret / Intellectual Property)
• Personally Identifiable Information (PII) Theft (Identity
• Data Destruction, Information Technology / Network Sabotage
• Insiders Who Are: Unwitting, Ignorant, Negligent (Violations
Of Security Policies)
• Phishing (Credential Theft: Cyber Criminals Become Insiders)
• Cyber Criminal - Insider Threat Collusion (Data On Dark Web
• Nation State Sponsored Insider Threat
Contributing to the problem of mitigating Insider Threats, is
that some organizations assume that security certifications
holders have the knowledge required to detect and mitigate
Insider Threats, and to develop / manage the organizations ITP.
Having the in-depth knowledge to mitigate Insider Threats
requires more the just having a security certification. There
are numerous security certifications that attempt to set
baseline knowledge and skill standards for positions in Cyber
Security, Information Assurance, Information Security,
Information Systems Security, IT / Networking Security, etc. But
none of these certifications address, nor provide the core
individual needs to successfully mitigate Insider Threats.
Mitigating Insider Threats requires a holistic
and is more than just a counterintelligence, security or IT
Insider Threat course information here.
eNEWS is available FREE upon request by visiting our Web site and
filling out the contact
selecting "Yes" for "Add to Mailing List.
Please pass this eNEWS on to your peers and interested others and
invite them to subscribe
Also, visit the ICFE's new Web site: StudentDebtHelp.org
Paul S. Richard
President - Executive Director
Institute of Consumer Financial Education (ICFE)
About the ICFE:
The Institute of Consumer Financial Education (ICFE) was founded in 1982 by
the late Loren Dunton (creator of the Certified Financial Planner (CFP)
designation and founder of the College for Financial Planning in Denver, CO.)
The ICFE is dedicated to helping consumers of all ages to improve their spending
practices, increase savings and use credit more wisely.
The ICFE is an
award winning, nonprofit, consumer education organization that has helped
millions of people through its financial continuing education courses programs
and resources. In addition to eight Certification courses covering identity
theft, credit files, credit repair and credit scoring, among others, it also
publishes the Do-It-Yourself Credit File correction Guide, which is updated
annually. The ICFE has distributed over one million Credit/Debit Card Warning
Labels and Credit/Debit Card Sleeves world wide.
The ICFE is a partner
with the national Jump$tart Coalition for Financial Literacy and the California
Jump$tart chapter. The ICFE staff is also active with San Diego Saves and
Military Saves, both offshoots of America Saves.
The ICFE is also an
on-line help for consumers who spend too much. ICFE's spending help was featured
in PARADE Magazine in the Intelligence Report section. The money helps and tips
are from the ICFE's Money Instruction Book, our course in personal finance.
The ICFE helps consumers and students with mending spending, learning about
the proper use of credit, budget and expense guidelines, how to set up and
implement a spending-plan and also how to access financial education courses and
how to teach children about money. Other ICFE services include: Ask Mr. G
library, a free eNews service, and an online resource center for students,
parents and educators, plus financial education learning tools in the ICFE Book