Feet on the Street: RSA Highlights Cloud and Cybersecurity

This week, several members of the SailPoint team made the annual trek to the industry’s biggest security event, the RSA Conference. As always, the conference was a high-paced mix of conference sessions, technology debates, and meetings with customers and partners.
I’m always interested in what themes get the most play at RSA. This year, I’d have [...]

Market Pulse Survey: Divide Between Business and IT Persists

We recently conducted our third Market Pulse Survey, which focused on the key drivers of access certifications and how organizations ensure their access privileges align with business policy. According to the 150 respondents, including many readers of this blog, there is clear evidence that business users involved in these processes don’t fully understand what they are [...]

U.S. Data Security Laws: Is There Another SOX in your Future?

A recent Forbes feature, “The Year of the Mega Breach,” caught my attention last week. It includes a slideshow of 2009’s largest security breaches, and concludes that this year alone, more personal information was exposed through data breaches than ever before. The article appeared amid news about a T-Mobile data breach, and Health Net and [...]

IDC/RSA Survey Highlights the Cost of Insider Threats

As it did for many in the industry, this week’s RSA-sponsored IDC report, “Insider Risk Management: A Framework Approach to Internal Security,” caught my eye. The report led with the finding that 52% of the respondents “characterized their incidents arising from insider threats as predominantly accidental.” This in turn triggered a media storm pointing to careless, incompetent or [...]

Goldman Sachs Tries to Catch a Thief

I came to work this morning to read a Bloomberg article, “Goldman May Lose Millions From Ex-Worker’s Code Theft,” about a recent data breach. The details are still coming in, but allegedly a former computer programmer from Goldman Sachs, Sergey Aleynikov, downloaded and stole a copy of proprietary trading software. To me, this is an [...]

All’s Fair in Security?

I read an interesting piece in InfoWorld by Roger Grimes, “A Sweet Solution to the Insider Threat.” The premise of Grimes’ article is that companies should use computer decoys, or “honeypots,” to catch workers attempting to log in to resources they have no business reason for accessing.
Honeypots by their very nature are fake computers that nothing [...]

Getting Real about Transparency: What You Can’t See May Bite You

In SailPoint’s second Market Pulse Survey (announced yesterday), we asked Global 2000 companies about how they are managing IT risk given the economic downturn and resulting corporate churn. Not surprisingly, given the recessionary budgets and resource allocations these companies are facing, the survey showed that companies remain very exposed to the risks of insider threats [...]

Steak Dinner for Your Data?

I’ve been at the RSA Conference all week, so I just noticed an intriguing news item from The Register on Monday. The article details survey results from an unnamed security vendor, concluding that one-third of workers are open to bribes for data theft. It’s beyond the scope of this blog to speculate on the statistical [...]

Another Day, Another Breach

Heads up – there’s been another “massive” credit card security breach – the 3rd such incident in recent months. We don’t know which company suffered the breach, but it appears to be another card payment processor. We’re still in the “whisper period” as some call it – Visa and MasterCard have begun notifying banks, and banks [...]

“Thwarting an Internal Hacker” – Monitor Access, Not Employees

I just read a Wall Street Journal article by Bruce Schneier, the CTO of BT and a renowned security author. The piece, “Thwarting an Internal Hacker,” is timely given recent security breaches hitting the news (including Heartland Payment Systems and Fannie Mae, which he references) coupled with the economy. I’ve already written about how the [...]