Analysis: Insider Threats Posed by Remote Workforce episode artwork

EPISODE · Apr 17, 2020

Analysis: Insider Threats Posed by Remote Workforce

from Info Risk Today Podcast · host InfoRiskToday.com

The latest edition of the ISMG Security Report offers a discussion of the potential insider threats posed by the remote workforce during the COVID-19 crisis. Also featured: An update on payment fraud shifts and the long-term outlook for the cybersecurity market.

Episode metadata supplied by the publisher feed · Published Apr 17, 2020

The latest edition of the ISMG Security Report offers a discussion of the potential insider threats posed by the remote workforce during the COVID-19 crisis. Also featured: An update on payment fraud shifts and the long-term outlook for the cybersecurity market.

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

Analysis: Insider Threats Posed by Remote Workforce

0:00 0:00
of MATCHES

TRANSCRIPT · AUTO-GENERATED

The accidental insider threat, a spike in friendly fraud, and the post-pandemic side security industry. These stories and more in this week's Eyes on Security Report. Hello, I'm Nick Holland. The trifecta of a remote workforce, financial insecurity, and the COVID-19 pandemic is a perfect storm for insider threats to escalate.

What may have been highly trustworthy employees may be pushed to the brink of intentionally damaging acts such as exfiltration of confidential data, intellectual property theft, and fraud. However, a high degree of insider threat is a result of plain old-fashioned human error, and it's a golden age for business email compromise, spearfishing, and a whole host of other social engineering attacks. This week, Eyes on Security's SVP of Editorials, Tom Field, had the chance to interview Randy Trezak, the insider threat research team technical lead in the Software Engineering Institute at Carnegie Mellon's University's CERT. If you've ever been to an Eyes on Security Summit, there's a good chance you've had the opportunity to experience Randy's encyclopedic knowledge on the insider threat, and in this excerpt of the interview, Randy gives his advice on the perils of the accidental threat of the work from home in UB.

Here he is. The vast majority of your employees will not go on to maliciously cause harm against your organization. When you build that insider risk program, you want to avoid the perception of distrusting everybody. Building a program where we're trying to catch people doing something, so the vast majority of organizations will not be impacted by malicious insider incidents.

Therefore, focusing on the accidental, the non-religious is equally important, because when an organization, there really isn't in step one or two an incident response, the motivations, considerations, it's recovering from insider causing harm, so the accidental insider, someone who, as you described, gets that email that appears to be from the organization that they click on, for example, your next year's benefit package, or maybe the new virtual private network policy that appears to be coming from the IT department that entices someone to click on that link that could cause an external adversary to get into the organization's boundaries, the critical protections that you're trying to implement for security purposes. And also think about the stress as well, the stress of the employees, of the financial situations. Maybe again, they're trying to balance the work that they're doing from home, but also the home life as well, the people that have children at home now that they're basically caring for as well. Think about elderly parents that people are trying to accommodate as well.

Think about the life stresses that could be influencing as someone's working from home, their ability to fully focus on what the mission of the organization is. So it's now even more important that we have that defense-in-depth strategy in place. Ways by which that if someone does click on that phishing email, there's a secondary defense control that would not allow that executable to run that would install something on a computer that the employee is using. And also think about employees trying to do their job.

Most of them have best intent. What if they connect that external USB device? What if they're using their own personal laptop to connect to the organization as well? Maybe the same security controls aren't in place as well.

So it's a contingent upon the IT part of the organization to implement the defense in depth that could prevent, hopefully, the accidental, non-religious insight from causing fun as well. You're listening to the ISMG Security Report on ISMG Radio, ISMG, your number one source for information security news. The COVID-19 pandemic continues to transform the way we are living our lives and in no area is this more apparent than our weekly shopping habits. We're buying more online and with high average ticket prices according to new research from ACI Worldwide that compares transaction data from March 2020 to March 2019.

What this has meant is also an increase in payment fraud with increased chargebacks of credit and debit transactions and a noticeable rise in what is known as friendly fraud. Most work with Herrick Edetrick, ACI Worldwide's Data Lead, about the research findings and asked her to explain the friendly fraud stats. Here she is. Right.

Yeah. So we do obtain a number of fraudulent different data sources. One of that is issue alert which comes typically anywhere from a couple hours to three days after the transaction is authorized or settled or charged back then on average to take about 30 days across us. We also have access to underground internet really chat channels or individuals are selling personal goods credit cards and things of that nature.

So those are some of our data sources. And what those data sources have told us is that fraud is not going anywhere, fraud is pretty steady in comparison to 2019 to 2020. Like I said, the average ticket price has increased slightly but what we've seen is a slight increase in friendly fraud chargebacks and what a friendly fraud chargeback is where the consumer is making a fraudulent chargeback thing most often. I did not say this purchase and we're seeing it on some accounts that have had long standing purchasing history.

They're on the same device. They're on the same account. There's no changes to those accounts. A number of these have been at airlines, hotels as well as concerts that were going on around March timeframe and we believe this has been a result of COVID-19.

Now it could be that maybe a device was taken over, sure, but the number and the rate of which we saw the slightly increased above 2019 already is telling us that we are seeing a slight increase in friendly fraud chargebacks. And finally, it may seem like ever moving gold posts in terms of the returns of business as usual but this will eventually happen. The question being what will the cybersecurity industry look like on the other side? Tom Fields spoke with Hank Thomas of strategic cyber ventures on how our industry is poised to emerge from this crisis.

He's Hank's perspective. Well, today I see a lot of people are kind of taking a wait and see approach just how long this is going to last, but I think this is going to be a very resilient sector after the crisis. I think we're going to, if the crisis were to last through the summer, I think you would see cybersecurity come back very quickly in areas where maybe it's taken a hit already, but I think most people take the broader security sector outside of cyber. Most people view, take a step back and look at this.

This was maybe just, this might sound a little terrible, but this was maybe just a really good dress rehearsal for what the actual big one could look like. Right now, COVID-19 can't swim more than eight feet, and that's if it's got a push to get there, whereas there are other threats out there that can do that, and particularly in cyber where you have threat actors that can swim a lot further than eight feet or six feet or whatever, they could theoretically cause a lot more destruction than what we've seen via this pandemic as bad as it's been. I think we're going to see a better mix of products and services coming out of this right now. There's still very much this.

There's a product side of the house and there's a services side of the house. It's already kind of what's happening with MSSPs and other managed security providers where they're taking a human-centric approach and combining with best and pretty technology for people that sort of want to outsource a lot of these things. I think you're going to have people sort of re-look how they wrap services around products because it's clear that in this day and age, especially if you're in a remote-type environment like this, you're going to quickly need to rely on a security workforce that's somewhere else, which are also going to have to rely on deploying and maintaining the products in your security stack, and those two have to be better combined and attached to each other. That's it for this week's Ice and Security Report.

Thing music is by Ethicalio. I'm Nick Collins. Catch you next time.

That Hoarder: Overcome Compulsive Hoarding That Hoarder Hoarding disorder is stigmatised and people who hoard feel vast amounts of shame. This podcast began life as an audio diary, an anonymous outlet for somebody with this weird condition. That Hoarder speaks about her experiences living with compulsive hoarding, she interviews therapists, academics, researchers, children of hoarders, professional organisers and influencers, and she shares insight and tips for others with the problem. Listened to by people who hoard as well as those who love them and those who work with them, Overcome Compulsive Hoarding with That Hoarder aims to shatter the stigma, share the truth and speak openly and honestly to improve lives. The Small Business Startup School – Business Notes | Financial Literacy | Retail Psychology – For Professionals & Entrepreneurs The Small Business Startup School Inc. Starting or buying a small business? While personal circumstances may vary, business patterns remain timeless. On The Small Business Startup School, we explore strategies, insights, and practical solutions to help entrepreneurs confidently navigate their journey.Hosted by Ola Williams—a retail entrepreneur, fintech founder, and financial coach with over two decades of experience—this podcast marries financial awareness and retail psychology with optimism to deliver actionable takeaways.Join us to learn, grow, and connect as we uncover the keys to business success.Let’s continue to learn together and be encouraged to keep on connecting! DIOSA. Carolina Sanper This podcast is a sacred space created by Carolina Sanper where you connect with your inner wisdom and embody your magnetic feminine power.It is the realization that the mystical realm is where you plant the seeds of your desired reality.It is a portal to your true essence: awareness, presence, and receiving with ease. Welcome home, DIOSA. 🖤 XXX Tech by SOVRYN Dr. Brian Sovryn The crossroads between technology, sensuality, and metaphysics - and the longest running anarchist podcast in the world! Brought to you by Dr. Brian Sovryn.

Frequently Asked Questions

How long is this episode of Info Risk Today Podcast?

Episode duration information is not available.

When was this Info Risk Today Podcast episode published?

This episode was published on April 17, 2020.

What is this episode about?

The latest edition of the ISMG Security Report offers a discussion of the potential insider threats posed by the remote workforce during the COVID-19 crisis. Also featured: An update on payment fraud shifts and the long-term outlook for the...

Can I download this Info Risk Today Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!