Blog
Round-Up of Severe Data Leaks in Asia
11.12.2024
In this weekly review of data security incidents, you’ll find details on the alleged theft of identity cards data in Malaysia and an incident with the cloud storage provider in Hong Kong.
Round-Up of Severe Data Leaks in Asia
11.12.2024
In this weekly review of data security incidents, you’ll find details on the alleged theft of identity cards data in Malaysia and an incident with the cloud storage provider in Hong Kong.
Check Out Your Password
11.06.2024
In our latest cyber news review, we are going to share with you the key takeaways from recent studies on password management habits and ATO attacks.
Connected Devices Remain the Most Popular Data Leakage Channel
04.12.2023
SearchInform together with its partner NEXTA ÇÖZÜM surveyed representatives of 100 Turkish leading companies to find out how their experts ensure data leaks protection, whether they are planning to increase data security budgets and what data channels their security officers consider the riskiest.
(In)Secure Digest: The Case of Classic Phishing Attack, Scammers Among the Team and the Dangerous Vulnerability
30.11.2023
In this November digest we gathered interesting and illustrative incidents related to data leaks, fraud and hacks.
Ways to Ensure Children’s Safety on the Internet: Cybersecurity Experts’ Views and Advice
20.11.2023
On the occasion of World Children’s Day, we share an article, containing recommendations and a few tools, which can help to protect children from inappropriate content on the Internet.
Deepfake Science Basics: How are They Created and how to Detect Them
14.11.2023
Alex Drozd, CISO of SeachInform, sheds light on deepfakes and how they are created.
(In)Secure Digest: a Leak via Contractor, Hack of Airline and Case of Corporate Fraud
01.11.2023
At the end of the month, traditionally, we’ve gathered a selection of high-profile IS incidents.
Which Aspects of Information Security it’s Crucial to Address for SMEs?
26.10.2023
Learn more about the methods of cyber-attacks that SMEs owners should be aware of.
Cyber Attack Detection: What are the Risks of Delay in the Detection and Response and how to Speed up the Attack Discovery Process?
13.10.2023
Read the article to find out how to detect a cyber attack just in time and what are the best practices are for detecting cyber attacks.
A Case in Point: You’ve got Mail
03.10.2023
Recently, it was the birthday of electronic mail. To celebrate the occasion, we would like to share the case study from our practice that involves email.
(In)Secure Digest: Pizza Lovers' Data Theft, a Million-dollar Fine and Aircraft Suppliers’ Data Leak
03.10.2023
It's time for the traditional monthly review of "classic" and non-trivial IS incidents reported by the media.
Not all the DLP Solutions are Equally Useful: How to Choose the System and not be Disappointed
29.09.2023
In this article we will examine, DLP class systems reproaches are fair and which ones are unfair and will reveal, which limitations are typical for all DLP systems and which are in fact disadvantages of some specific products.
E-mail Compromise: How to Protect Business Against BEC-attacks
27.09.2023
The senior analyst at SearchInform, Sergio Bertoni reveals, why BEC attacks are so popular and how to protect against them.
SearchInform Solutions’ 2023 Updates: Migration to PostgreSQL, Informative Metrics and Control of FTP Connected Servers
20.09.2023
In the digest on SearchInform solutions’ updates we’ve gathered details on a few major updates up to date.
How to Train Employees in Information Security Related Issues Efficiently
18.09.2023
In this article, Sergio Luis Bertoni, Leading Analyst at SearchInform will share my observations, based on the practical experience in the sphere of educational courses development.
A Case in Point: Set a Search Rule to Catch a Thief
15.09.2023
It's time to present a compelling case study that underscores the criticality of maintaining comprehensive visibility into your organization's file system.
(In)Secure digest: “shadowy” Amazon, de-anonymization of Northern Ireland police officers and pseudo-hackers
31.08.2023
Plenty of confidential data related incidents happened this month: in Australia, the data of participants in a cybersecurity survey was inadvertently disclosed, in Northern Ireland data on all police officers was disclosed, and in India, an employee was caught leaking data (once again).
SearchInform SIEM system – out-of-the box analytics and proactive incident management
21.08.2023
Nowadays, the number of both internal and external information security threats is growing steadily. Employees in charge of numerous organizations worldwide tend to understand the necessity to implement a SIEM class solution, which detects security events within the digital infrastructure.
(In)Secure Digest: a patented data leak, Bangladeshi open register and water treatment plant hack
03.08.2023
The time has come to find out if July was full with information security incidents. In our traditional digest we've gathered the most memorable incidents.
A case in point: The thirst for revenge
14.07.2023
Over the years of working, we have collected a large number of interesting cases. Some of them are amusing, some of them are surprising, but most of them has prevented serious losses for our clients. So, we figured: Why not share them with you?
Sales Manager Training for Partners
12.07.2023
Yamen Mustafa, Regional Managing Director Middle East and North Africa and Mohamed Salah Sayari, International Sales Manager and Business Development African Network, will provide a Sales training for our partners.
Human Vulnerabilities in Cyber Security
03.07.2023
As technology continues to advance, one persistent problem remains: the vulnerability of humans to cyberattacks.
(In)Secure Digest: theft of national secrets, a rogue VPN, and a fine for security guards' curiosity
29.06.2023
Here's our monthly roundup of noteworthy information security incidents from June.
Implementation department specialists' workdays: millions of questions and the requirement to know literally everything
27.06.2023
Implementation department employees can help customers to quickly manage to work with our solutions and benefit as much as possible from the software usage.
MSSP vs MDR
21.06.2023
MSSP vs MDR: what should you choose? This article will help you understand which one suits to your business needs better.
Risks of neural networks and chat bots usage
19.06.2023
SearchInform expert reveals artificial intelligence usage related risks and shares advice on how to mitigate them.
How to put on a vacation
05.06.2023
Summer is a really busy time for us. A lot of flights, trips, and then... well, vacations! For CISOs, the travel and vacation period can be a very difficult time. That’s why we implement a few strategies to ensure secure access and help employees not to forget all the IS rules while they're on the road. Let's have a look at the checklist and find out, how we do it.
(In)secure digest: data leaks with mileage, refuse to use AI and hack of an account
31.05.2023
The time has come for our traditional gather of so-called classic and extraordinary information security incidents, which were reported by mass media. In this digest we’ll reveal details on the following cases: data incident, which had lasted for ten years; hack of account of the employee, who hasn’t even set to work; unexpected cyber holidays.
Risk Management Certification
24.04.2023
Let's consider one of the most significant frameworks for managing risk is ISO 31000, an international standard that provides principles, best practices, and guidelines for managing risk in organizations.
More than half of companies limit their protection with nominal information security literacy
06.04.2023
A research on how companies prefer to train employees in information security and what methods do they implement
(In)Secure digest: if there was the “Darwin Award” in information security sphere – 2023 edition
05.04.2023
In this April compilation, you’ll find details on aquarium fraudsters, the financial manager, who squandered the company's money, "super-secure" apps, but something went wrong with them and much more.
EPP vs EDR
31.03.2023
What is the difference between EPP and EDR? Do they complement each other or they should be used separately?
Certified Risk and Information Systems Control (CRISC)
27.03.2023
Сybersecurity and risk management certification: ISACA and ISC
Best Digital Forensics Certifications
24.03.2023
The article helps you answer the three most important questions when choosing the right IT security and digital forensics certification.
(In)secure digest: enormous data leaks and insider’s revelations
02.03.2023
The time has come to discuss major data realted incidents, which happened in February.
Which sources should be controlled by the SIEM system first of all?
22.02.2023
It is very useful to maximize the SIEM system load to make sure that you won’t face a situation when something does not work appropriately in the real-life circumstances.
The SearchInform DLP deals with the smartphone threat
16.02.2023
Learn how the SearchInform DLP functionality helps to detect, whether an insider has a smartphone in hands.
What Are the Major Security Threats That Can Be Expected Through an Email?
16.02.2023
Learn more about the email risks and how to counter them.
The SearchInform DLP detects phishing and why would you need this functionality in the DLP class tool?
13.02.2023
Learn how the atypical DLP functionalty enhances your corporate protection.
(In)secure post New Year digest: “temporary” failures, corporate insider and data on everyone
02.02.2023
The time has come to discuss what happened while we were on a vacation.
Resonant cases of data leakages in APAC region
22.12.2022
There is a step change taking place in the number of data-related incidents and that is critical.
In(secure) digest: lost accounts, compensations for mega leaks and “quick as the wind” leaks
01.12.2022
This time we’ve gathered data on serious incidents: attacks on large companies, phishing, forgetful employees, whose actions led to the loss of clients’ data.
Notifiable Privacy Breaches
22.11.2022
What is required to do if a data breach incident somehow takes place?
Cyber Threats to National Security
18.11.2022
National Cybersecurity: this is how the cyber threat has intensified
What Are the Major Security Threats That Can Be Expected Through an Email?
07.11.2022
Typical email threats and how to counter them
Data Loss Prevention Use Cases
04.11.2022
This article will help you to learn how to avoid losing data.
Benefits of Managed Security Services
02.11.2022
How to implement efficient information security protection with MSSP?
in(Secure) digest: stellar social engineering, exposed servers and giants under attacks
01.11.2022
The most resonant information security incidents in our October digest: Toyota’s contractor exposed part of the code, an undercover astronaut, Australian companies experiencing cyberattacks, a massive Microsoft clients’ data leak.
Recent Security Breaches
24.10.2022
Young employees, zero trust security and other security breach risks.
Healthcare Cyber Attacks
21.10.2022
What makes healthcare organizations a popular target for cyber attacks?
Best Network Security Software
18.10.2022
What should you look for when choosing a provider of best network security software?
(in)Secure digest: boredom motivated attacks, love to fines and ethical hack
17.10.2022
We’ve compiled a selection of information security incidents, which became publicly known in September. Here we have: trustful employees, hack for joy and Morgan Stanley bank holding, which seems to enjoy paying fines for clients’ data losses.
Cyber Attacks on Critical Infrastructure
03.10.2022
Critical infrastructure: current situation and best cybersecurity practices
Best Practices for Network Security
30.09.2022
The ultimate guide to securing your industrial network using the best network security practices
Examples of Cybercrime Cases
27.09.2022
What is cybercrime and examples of a few biggest cybercrimes
Emerging Cyber Threats
22.09.2022
An overview of cyber threats, endangering companies and organizations worldwide in 2022.
Data Privacy Day
19.09.2022
What is The European Data Protection Day and why data privacy is so important
Biggest Corporate Frauds
13.09.2022
An overview of some biggest cases of corporate frauds in history.
Best Endpoint Protection
05.09.2022
What is an efficient endpoint protection and a slight overvierw of best solutions.
(In)secure digest: the smell of data leaks, deep fake in the Zoom and an option of becoming the nobility member for only €1000
01.09.2022
In August many employees are still on a vacation, however, this doesn’t refer to fraudsters, judicial and law enforcement system representatives. In our traditional digest among other you’ll find – one more shot in the foot and another example of peoples’ craving for a fairy tale.
Insider Threat Statistics for 2022 The seriousness of insider threat
11.08.2022
What is an insider threat and who is an insider? What types of insider threats exist? How to detect an insider threat and what is required to do in order to mitigate risks? You may refere to the article and find out.
(In)secure digest: lawsuit for leaks, insidious phishing and record leak of personal data
29.07.2022
The time has come to discuss if July was full with cyber incidents. As usual, we’ve gathered the most impressive cases, reported by mass media. Here we have unreliable suppliers, long-suffering Marriott, experiencing new data leaks and not very responsible personal data operator, which seems not to care about clients at all.
(In)secure digest: personal data newsletter, hacked state services and endangered farmers
07.07.2022
The time has come to reveal some “classic” and non-trivial information security incidents. As usual, we’ve gathered some of the most impressive cases of the month in our digest.
Important trends in corporate security
21.06.2022
In this article we continue to deal with the topic of corporate security, and we’ll provide a slight overview of some information security trends and advice on how top-managers may eliminate the ongoing risks.
New concept of organization’s security
20.04.2022
It seems that the time has come to elaborate new approach to the concept of organization security
I resolve to… leave those security errors for good in 2021
27.12.2021
The resolutions for businesses to begin the New Year without old mistakes finally cleaning up the awareness mess which never seems to be untangled
Why dismissed employees take revenge and what prevention measures to implement
17.12.2021
Revenge hacks and what prevention measures to take
Business continuity and information security integration
13.12.2021
How to make security part of a general risk prevention and mitigation program
Major fraud cases in healthcare revealed this year
26.11.2021
Pfizer discovers an insider working for a competitor, whereas Genentech hit the news with a deep-rooted story months ago.
What kind of DLP system do you need in 2022?
08.11.2021
David Balaban reflects on the DLP vendors' race for attention, adding of new features, sometimes going beyond the boundaries.
The more they know the less they care
18.10.2021
More and more people are unwilling to share their personal data with third parties
Facebook security upgrade decision leaked
15.10.2021
The company decided to exempt a number of employees from groups which have access to internal message boards.
How to tell the difference between a phishing email and a real one?
07.10.2021
Don't become a phisher’s target, it's avoidable.
Multi-party breaches vs third-party related incidents
30.09.2021
Ripple events are nearly untraceable and affect hundreds of companies
Data overexposed in manufacturing sector
21.09.2021
The relevant statistics and most common security issues in 2021 so far
Users are monitored by gadgets Should we turn down everything digital?
15.09.2021
Who should you trust in a digital world?
How to configure DLP and not to overlook a leak
30.08.2021
How efficient are DLP systems with preset configurations? Can a system be configured once and for good? Learn how to adjust the settings here.
Top 5 actions to be taken by CEO to increase cybersecurity
08.06.2021
Top 5 actions to be taken by CEO to increase cybersecurity and employee trust in the company
Trello boards indexed by major search engines put at peril business processes of Russian companies
04.06.2021
Almost a million Trello boards, thousands of which contain corporate data of large and small Russian companies, were publicly available.
Not all DLP systems are equally helpful
27.05.2021
How to choose a system and not to get disappointed
Why FileAuditor? SearchInform customer gives an elaborate answer
19.05.2021
SearchInform customer – scientific technological pharmaceutical company Polysan – has deployed FileAuditor, a DCAP system, and shared the first impression with the company.
Outsourcing the role of information security officer
23.04.2021
A piece of insight into infosec as an MSSP solution
Order in your files and folders: how to organize access control and protection against leaks
20.04.2021
Expansion of the IT infrastructure complicates controlling who accesses, copies, moves from folders, and deletes information. In case company's confidential files and folders are not organized, it's almost impossible to keep that data secure. The task is solved with specialized DCAP systems.
(In) Secure digest: the hit parade of the most comical infosecurity incidents
07.04.2021
The most comical infosecurity incidents to laugh and learn from it. Enjoy, but tread carefully!
Blocking that does not slow down business processes
05.04.2021
Interview with Sergey Ozhegov, CEO of SearchInform
Is the system really hidden on an endpoint? All about invisible DLP control and where its cloak of invisibility loses powers
02.04.2021
The DLP doesn’t function in a hidden mode for nothing: on the one hand, it doesn’t interfere with the work of respectable employees, on the other hand, it helps to catch insiders off guard.
Fraudsters won’t miss a chance — what threats to people and business remain in 2021
31.03.2021
The “Roaring 20s” is no longer a euphemism from the last century, in the 21st the new decade also began loudly.
How to detect an employee accepting kickbacks using DLP?
24.03.2021
Proven schemes for searching for corrupt individuals in the company.
How to surf the flow of information security events: use SIEM system correctly
26.02.2021
Security Information and Event Management works on the principle of video surveillance. Cameras stand for connectors that collect data from hardware and software, whereas the object of the surveillance is an IT infrastructure featuring PCs, network devices, and servers. When configured properly, SIEM simplifies the monitoring of information security. How to organize the work, what to control first, and how to respond to incidents? - we will answer these questions using the example of SearchInfo
(In)Secure digest: default passwords, sensitive info for free, and phisher salary.
12.02.2021
Every month we collect "classic" and non-trivial incidents on Infosecurity across the world and in Russia in particular. Here is our first digest for 2021.
Insider check: could you be damage to your company?
27.01.2021
The test will define you as a certain type of insider. Remember: any employee could become a culprit of a leak, however, circumstances are different. We don’t mean to pretend “scientific”, we intend to make this test entertaining and informative.
Legal monitoring, smartphones control and your employee personal portrait
20.01.2021
These and other ticklish issues regarding the launch of information security solution within your system.
Why does healthcare require the severest cybersecurity measures?
25.12.2020
Innovations are designed to improve the quality of service and save time for patients and doctors, however, doctors and patients realize how vulnerable medical information is.
2020 infosec in pictures
23.12.2020
You've been with us all this year and you remember all 2020 news we've shared with you. Let's smile and frown at it together!
FAQ: Frequently Asked and Finally Answered
16.12.2020
15 questions the monitoring solution developer responds to during seminars.
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
13.11.2020
Every month we enrich our collection of classic and non-trivial cybersecurity cases. Data leaks, frauds, sabotage, and other incidents caused by insiders are of our interest.
Indian companies chose cloud
12.11.2020
83% of companies chose cloud to deal with cybersecurity issues of remote work quick
How much can a former employee cost you?
09.11.2020
Keeping the accounts of dismissed employees active and failing to revoke excessive rights might be one of the biggest mistakes a company can make.
(In) Secure digest: the science of information security, death cyberattack, and bank leaks
27.10.2020
We collected "classic" and non-trivial incidents reported by foreign media
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
14.10.2020
Today DLP system’s purpose is not just monitoring data leaks as it was in the beginning - now DLP systems are commonly used to solve a much broader list of problems.
Rights and wrongs when creating profile
08.10.2020
How can you analyse employee personality and steer clear of breaching privacy?
Data breaches analysis
25.09.2020
SearchInform analysed breaches that occurred in the first half of 2020.
Database Monitor access control management
17.09.2020
SearchInform Database Monitor is a database activity monitoring software, which purpose is to mitigate an insider breach.
Data Protection in the Cloud
14.09.2020
Security innovations and strict compliance are key in achieving the utmost security for your cloud data.
The Darwin Awards in Information Security World
09.09.2020
...or 7 stories about stupidity, careless work, credulity and their consequences
What is confidential information and how does it affect your finances?
07.09.2020
There is an edifying example, which proves common knowledge that there is many a slip ‘twixt cup and lip.
Use case: user behavior and insider detection
04.09.2020
Insider threat is a tough and quirky menace to track down and pin.
Use case: eDiscovery
28.08.2020
Proper information governance facilitates data search and analysis required for internal investigation.
Use case: file cleanup
27.08.2020
In order to transform disorganized data into valuable insights you certainly need a powerful tool, which will assist you in file analysis ensuring frequent information verification.
Ensuring security and compliance in multi-departmental teams
26.08.2020
As different departments have their own specific risk management frameworks they lack correlation and coordination - enterprise risk management ensures consistency.
If a data breach - then data protection tips
21.08.2020
A detailed check-list of actions to take in order to save the data
Two important data protection questions to answer: Why and How to protect data at rest, in motion and in use
14.08.2020
A short explanation why to protect your sensitive data, types of data and advice on how to protect data at rest, in motion and in use.
Key features of employee monitoring software
07.08.2020
Are you sure that your employees do not goof off? Are you sure your employees are not idling away precious hours of productivity they rather spend on work-related tasks?
User activity audit, investigation
06.08.2020
There are so many contextual factors to sift through that actually finding the newest threat and eliminating it is an encumbering job.
Compliance
06.08.2020
Regulatory internet data laws you should be aware of and maintain compliance with
Use case: access control and change management
06.08.2020
The solution boosts risk assessment ensuring that access rights are properly managed and privileged user activity is under control, data access policies are in place and kept updated.
Data protection and classification
04.08.2020
The massive impact of access to your data being obtained and an outsider security risk materializing cannot be overstated.
Access rights audit
04.08.2020
Our data need insurance, and just like we have to cover every other potential risk that we couldn’t afford compensating for if it materialized, we need to conduct a security audit of our sensitive data.
Impactful data breaches in 2020 so far
31.07.2020
Sometimes people do the simplest cyber security mistakes, namely, misconfiguring a database or using the same password for their bank account that they used for their social media
Life changing risks pentesters take to help you boost security (cont.)
28.07.2020
The very courthouse that they broke into last night and now they’re sitting in the courthouse waiting to see the judge.
Life changing risks pentesters take to help you boost security
27.07.2020
Conducting a penetration test on a courthouse and defending in front of a judge in the same building a few hours after – this is what happened to two pentesters working under contract.
Businesses’ role in cyber security and threat prevention
20.07.2020
The financial service company sector is targeted more than any other industry, as attacks against them account for over a quarter of cyberattacks.
Mobile device encryption
08.07.2020
Businesses realized the important role devices play as long ago as 2004, thus giving rise to mobile device management, a set of tools and practices that allow administrators to manage devices, apps, and increase device security.
How to stop hackers
06.07.2020
Hacking isn’t quite as flashy as in the movies and it takes a major time investment on the criminal’s part, however it is every bit as damaging and threatening to companies as it is portrayed
Corporate espionage
02.07.2020
A little-known evil that is occurring today is the phenomenon of industrial espionage. In fact, this is a problem that has been around for quite some time.
Internet privacy laws and regulations
30.06.2020
One of the greatest challenges in the world today is making the Internet a secure place.
The cloud services revolution
29.06.2020
Conducting software and web operations is an expensive endeavor indeed.
The information security team
26.06.2020
Cyber criminals are working very hard to discover top-secret company information in order to sabotage it or sell the information to other companies.
Security in an ever more connected world
25.06.2020
We live in a world that is forever shrinking, and the more connected we become to the things in our environment, the more convenient our errands and everyday work become.
How to detect suspicious activity in databases till information gets exported
23.06.2020
As SearchInform releases Database Monitor we want to detail the way to use the DAM solution so that violating access rights and making changes to sensitive documents become transparent for those responsible for risk mitigation and data protection.
The CIA and its major security incident
18.06.2020
This year the processing of the court case considering the employee who breached the CIA's data in 2016 to WikiLeaks has been resumed
Monitoring solution in the cloud
11.06.2020
According to the research conducted by SearchInform, each company detected a user attempt to take at least some corporate data, whereas only 26% controlled employee activity with the help of monitoring software.
Database access audit
09.06.2020
The solution for protection of information stored in databases monitors data export and user requests and alerts to any change
To be applied... New apps, new laws
04.06.2020
Will the privacy limits be reconsidered? Dedigitisation as utopia
How to measure the performance of remote and onsite employees
02.06.2020
Going remote is a challenge, and work discipline might “shiver”. There is a chance that as soon as employees put on slippers and robes they will feel too comfortable and that will impact the quality of their performance.
How do crisis and stress affect your team?
28.05.2020
The need to transfer employees to remote work appeared to be one of the reasons to get stressed - businesses have to make such a transition to avoid losses and try to keep it going for as long as required.
The ways companies risk security in a crisis: external threats
26.05.2020
Pandemic, oil collapse, global economic crisis, there are enough reasons for concern in 2020. However, these are not the only factors that will influence businesses all over the world.
The ways companies risk security in a crisis: internal threats
26.05.2020
According to the research by SearchInform, 100% of companies identified the attempts of employees to take corporate data during the first months of using the company’s services
The rise of virtual private networks
22.05.2020
Everyone is well aware that criminals on the internet are becoming savvier every day.
Have companies managed to shift to remote work?
21.05.2020
SearchInform has conducted a research on companies’ experience in shifting to remote work and keeping business processes going.
Staying ahead of malware
21.05.2020
With all the benefits that the worldwide connectivity of the Internet offers, so too come the vulnerabilities.
Social engineering prevention
20.05.2020
When cyber criminals target organizations, their target normally is people themselves, because they can be manipulated. 70 to 90 percent of data breaches occur as a result of social engineering.
Server performance monitoring
19.05.2020
In order for a website to operate, a database to be accessed from a distance, or e-mails to be facilitated, there must be a server to power this process.
Common unethical business practices
18.05.2020
We live in a world full of risks and individuals who are willing to do others harm when an opportunity for personal gain presents itself.
As businesses keep staying remote. Use cases
18.05.2020
Which instruments can be installed and how do they help?
Software security and efficiency
15.05.2020
With all of the programs the ordinary user has installed on his computer, users are frequently proposed to have a software update performed.
As businesses keep staying remote
15.05.2020
The insight into key threats and brief reminder why you shouldn't set it loose.
Setting up access to company files
14.05.2020
Due to potential social engineering and the fact that many losses that companies suffer are related to employees, access control system installation is a major factor in ensuring company security.
Remote work: the way of the future?
29.04.2020
Nobody would deny that the world is going digital. Like it or not, things are becoming ever more automated as technology facilitates business processes to an ever larger degree.
Access control
29.04.2020
We all know very well that companies have their secrets as to the way they operate and that companies are always interested in the state of their security and potential losses
Compliance issues in the workplace
29.04.2020
One of the ways that companies are gaining more success and reducing crime is through compliance issue management – compliance on all policy, in a broad spectrum of areas.
Personal data protection
29.04.2020
Despite the greater amount of opportunities and convenience that the Internet provides us, we also find ourselves vulnerable in the event that we fall victim to an Internet scams.
Risk management
29.04.2020
No matter what you do in life, there are always risks. And this is a good thing, because without risk, there is no potential reward.
Social engineering attacks
28.04.2020
With how connected the Internet is today, a lot of information that we couldn’t afford to share is potentially within the grasp of the most inventive malicious predators online.
Risk management in healthcare
28.04.2020
Our health information is a private issue. For a number of reasons, people’s health information being shared could result in negative consequences.
Project management tools
28.04.2020
Project management software also provides us a range of benefits, from scheduling events to creating project plans, and there are certain methods and tools that, if taken into account, provide a multitude of benefits and evade numerous risks that make it worth obtaining
Employee time tracking
27.04.2020
On both fronts, time tracking software stands to render the lives of employees and employers much easier.
Employee monitoring software: is it illegal?
24.04.2020
The first question one might ponder is: “Is it illegal to monitor employees’ computers?” The issue of employee monitoring has become a bit of a contested topic in recent years.
Indispensable services during lockdown
10.04.2020
Solutions we use for remote working and industries we need for isolated living
Morrisons' implication has been ruled out
02.04.2020
And the company might “set precedent”, according to The Telegraph
Is there a safe way of using apps?
02.03.2020
And what is more dangerous: spyware or mere negligence when using digital services?
Five sectors that benefit most from employee monitoring software
19.02.2020
Improvements in technology have radically changed the way we work
2019: trends and breaches
27.12.2019
This autumn, experts have counted 5183 data breaches around the world compromising 7.9 billion records, and 2019 was claimed to be the worst in the history of data leakage.
How to max out SearchInform services
12.12.2019
Do you consider launching comprehensive monitoring of your internal business processes and even reinvent business continuity management strategy but aren’t sure you want to delve into risk management program and hire extra staff, assign your specialists to the new job and purchase the system to integrate it with your business architecture and implement all the control? If you do – read and learn how to establish a smoothly supervized workflow and not to the detriment of your primary activities.
Deepfake: when audio forged by social engineering becomes a global threat
09.12.2019
According to Gartner, by 2022 30% of all the cyberattacks could be targeted at damaging data, which is the material for neural network algorithm manipulations, as well as at the theft of ready-made machine learning examples.
Wanted: who is the most dangerous employee in a bank?
06.12.2019
They all work with different information, dealing with data at rest and data in use, have their own tasks and use specific instruments.
Voice assistants risk assessment
22.11.2019
Voice assistants became subject to investigative journalism — a few high profile publications made readers think twice before using a “helper” or even talking close to the microphone. And that is what we have learned this year.
Data at rest encryption
21.11.2019
Whether your data encryption is on your computer, a flash drive, on a cloud, or includes your entire disc, proper encryption and management are essential to keep your resources and data safe and ensure that you maintain compliance.
What is a DLP system? How do active DLP systems work in 2019?
07.11.2019
Although everyone is aware of risks that their data could be stolen, this is only the beginning of the IT risks companies must safeguard themselves from.
Data protection
06.11.2019
Business processes are migrating into a virtual environment, and companies have long started to keep e-document flow while introducing new management technologies.
Data forensics
17.10.2019
When most people hear the word “forensics”, what usually comes to peoples’ minds right away is that it will involve somebody in a lab and a white coat working long hours.
Protecting information on flash drives | how to protect files on flash drives
15.10.2019
A joint study of Illinois and Michigan universities revealed that 48% of people plug in random flash drives. We have selected the main points and findings which prove that the user behaviour plays an important role in protecting information.
Risk management matrix
14.10.2019
We take risks every day, from the moment we wake up until we go to bed at night, as they are a normal part of life.
What is an insider threat detection program?
10.10.2019
Although we all hope that we can trust each of our employees and that it will never happen to us, the truth is that malicious insiders are a relevant risk in today’s corporate world.
What is data at rest?
06.10.2019
Under the conditions of today’s digital climate, sooner or later your information will eventually find its way into the wrong hands.
Main aspects of information security
02.10.2019
Corporate security is not a new phenomenon. What we now understand as corporate security has existed since the emergence of trade. Merchants sought to protect their professional secrets from competitors in order not to lose profits.
Security risk management assessments
20.09.2019
Security risk assessments are performed for the purpose of identifying, evaluating, and prioritizing risks associated with a company’s use and operation of information systems to its operations and assets.
Employee monitoring issues
18.09.2019
Business ethics are the contemporary norms, set of values, and principles guiding the actions and behavior of employees at the companies they work for from a legal and moral standpoint.
Employment of friends and relatives
10.09.2019
The Sales Department had not been fulfilling a plan for three months. The reasons were unobvious: it was a business season, and there were no issues with the discipline and skills of the employees, but the number of deals has decreased.
Detection and mitigation of internal corporate risks
07.09.2019
The meaning of risk is the possibility of loss. Thus, what risk management entails is the process of identifying, analyzing, assessing, and prioritizing risk.
Risk assessment matrices
05.09.2019
With the plethora of risks that accompany running a business, it is much more practical to have everything organized in written form or, better yet, in the form of diagrams for a concrete, concise representation of which risks the company faces as well as the severity of them.
Email monitoring
04.09.2019
As much as companies try to foster a culture of positivity in the corporate environment, put all sorts of system limitations in place, and emphasize strict company policy to keep employees from engaging in things they shouldn’t be doing, fraud still goes on, and it is rampant, hence the demand for email monitoring.
Configuring DLP system
02.09.2019
The installation of a DLP system can be managed even by a novice system administrator. However, its fine-tuning requires some skills and experience.
Web activity monitoring
27.08.2019
In the technology era in which employers are looking to squeeze everything out of their employees that they can and optimize business efficiency to the max, a plethora of process optimization industries have sprouted up that offer to facilitate businesses’ success.
Remote employee monitoring
24.08.2019
As of late, there has been a great rise in employers’ desire to keep as close an eye on their employees as possible and analyze their activities in-depth to achieve the best idea of the level of their performance and the degree to which they are complying with policy.
User behavior analytics
22.08.2019
Given the widely known and harnessed power of data analytics, companies utilize all sorts of information on their customers for a variety of purposes. Many use this information to most efficiently allocate their marketing expenses.
Fundamentals of IS | Fundamentals of IS. data protection
17.08.2019
The founder of cybernetics Norbert Wiener believed that information has the unique characteristics and cannot be described as neither energy nor matter. A special status of information as a phenomenon resulted in a proliferation of definitions.
User activity monitoring
16.08.2019
The more that a company knows about its workers, the more it can harness that knowledge to propel the business’ success to the next level. Employers do not want to leave productivity up to chance.
Internal auditing
14.08.2019
It goes without saying that efficiency is one of the most basic ingredients of a successful business and there is always room to ameliorate.
Insider threat statistics
10.08.2019
A company having its secrets and confidential information stolen, its funds robbed, or damage caused to it is an ever-present threat that companies may take appropriate measures to avoid.
HR investigations
04.08.2019
Although the primary function of a human resources department is to recruit and train personnel, there are many situations in the workplace that HR has to deal with, including ethics breaches and company policy violations.
IS Worldwide | The problems of information security in the world
01.08.2019
By information security, we mean a set of organizational and technical measures to ensure the protection, integrity, accessibility and manageability of data arrays.
Extremist activity in the team
26.07.2019
The department head noticed that an employee’s work had changed for the worse.
Shell companies and drug network
26.07.2019
Company N called for a tender for preparation of design estimate documentation. At the stage of receiving requests the company found out that one of their employees had attempted to participate too.
Employee productivity
23.07.2019
Every bit of what makes a company successful comes from work implemented through the actions of a company’s employees.
How to digitize human factor
20.07.2019
Prevention is the key process of incident management – it is better to discover reasons and sources of a possible security breach than to fight consequences. Potential insiders are not easy to detect, and general data safety approach including basic instruments are not sufficient to reveal a violator.
Computer forensics
18.07.2019
When you discover that your enterprise has been victimized by cybercrime or breached, your first thought is to seek out the origin of the crime.
Business continuity
16.07.2019
Considering the significant amount of money most people have invested in their businesses, it is important that the full rewards of it can be reaped.
Search for a new job
12.07.2019
An employee was viewing vacancies on his corporate computer and receiving invitations to job interviews sent by business competitors. A company's risk manager detected the suspicious activity and took the employee under control.
Insider threat tools
09.07.2019
While all the hype about unknown threats breaching a company’s privacy, stealing its confidential information and company secrets, purposefully inflicting damage to its public image, and robbing it of its funds is worth keeping in mind to protect against, the losses that would result from that actually occurring are not as great as most people believe.
Distribution of negative opinion
04.07.2019
The system detected the correspondence between colleagues discovering one of the employees being outraged by the incentive system and other aspects of the management approach to employees.
Data security and data encryption in business
02.07.2019
Encryption involves a plain text being coded into “encrypted” form using a cipher text and then being “decrypted” with a cipher text by the recipient on the other end.
Corporate fraud investigations. Fraud security & protection
28.06.2019
Corporate fraud could be defined as a loss to a corporation due to deceitful management. These schemes are often marked by their complexity and economic impact.
What is Risk Mitigation Strategy? Define Risk Evaluation Plan
24.06.2019
To define risk mitigation, let us first specify what risk is. “Risk” is the possibility of loss. Thus, risk mitigation entails a concentrated effort to reduce adverse effects.
What is Risk Management? Solutions, Strategies, Services & Tools
16.06.2019
Anyone who has ever been involved in business knows that there is risk everywhere. What is risk management?
How to Reduce Internal and External Threats to Organizations
12.06.2019
With the current state of the global economy and employees feeling ever more pressure, internal security threats are on the rise.
Illegal business arrangements
11.06.2019
Employees can create their own legal entities that will interact with an employer company. For example, fraudsters can use their job positions and promote their own enterprise as a counterparty and at the same time offer disadvantageous terms and conditions of cooperation.
What is Fraud Detection? Fraud Detection Software & Solutions
07.06.2019
From advancing computing speeds to high-performance analytics to machine learning and other forms of AI, fraud prevention technology has come a long way.
What is Employee Monitoring Software or Employee Tracking System?
20.05.2019
Do you know what your employees are up to? Businesses are well aware that gaining a good understanding of what their employees are up to can work wonders in raising their work efficiency.
Information Security Threats
17.05.2019
Information security in the broadest sense is a combination of means to protect information from accidental or deliberate exposure.
Information Security Incident Management | IS Incident Management
10.05.2019
The system of data leakage protection is based, above all, on the detection, prevention, registration and mitigation of information security incidents or events that violate regulated procedures.
Protection Against Information Leaks | Organization the protection of information from leakage through technical channels
01.05.2019
We reviewed the results of the study related to the leakage of financial and other corporate confidential information.
How to Choose a DLP System
27.04.2019
The global market of information security tools offers a wide range of DLP systems (Data Leak Prevention). And the demand for them is only growing.
Identifying terror threats
23.04.2019
The correspondence of employees in the corporate chat was intercepted. The employees were discussing the war in Syria, and one of them spoke negatively of Russia’s role in the conflict.
Methods to Protect Information | Methods and Tools for Data Protection
18.04.2019
Computer data is prone both to loss due to malfunction or destruction of equipment, and to theft. Protection methods include the use of hardware and devices, as well as specialized technical tools with software.
DLP systems | What is a DLP system, and how does it work?
14.04.2019
As of today, the market of DLP systems is one of the fastest growing among all markets of information security tools.
Concept of DLP Systems | What is a DLP system?
09.04.2019
DLP software is used to protect confidential data from internal threats. However, even if information security specialists adopted protection tools and use them against external violators, struggle with internal violators is more challenging.
Using personal mailbox
05.04.2019
A car center employee was caught sending sensitive data from corporate to personal email.
Personal data leakage
01.04.2019
The risk management department noticed that one of the dentists of the state clinic used to send to his personal email cards with health data.
Communication with competitors
25.03.2019
An employee received a message with an offer to meet and discuss “some common issues”.
Leakage of a customer database
22.03.2019
A security policy response attracted the attention of the risk managers responsible for monitoring to the abnormal activity of an employee who accessed the customer databases that include the information on individuals.
Attempt to leak tender documentation
20.03.2019
The results of the monitoring revealed that the employee was ordered to send the document to this email address by his manager.
Leakage of a supplier database
18.03.2019
The study of user relations made it possible to establish that the employee transmitted information to her husband who had a plot with the company's competitors.
Payoffs
17.03.2019
An employee logged into the personal mailbox from the corporate computer – a DLP system automatically "scanned" the last sent and received emails.
Leakage of a company's business plan
15.03.2019
With the help of the integrated policies the system alerted to a suspicious activity - one of the employees discussed the company's short-term development plans with an unknown user via Skype.
Leaking the company's know-how
12.03.2019
The risk management department found confidential files on the computer of an employee who wasn't authorized to access them. Moreover, when the incident happened, the employee was on vacation.
Fraud Detection & Prevention Software: Business, Accounting, Banks
09.03.2019
If most people were asked if stealing is wrong, they would answer “Yes”. In spite of this, organizations all over the world lose about 4 billion dollars to fraud on an annual basis.
How to Prevent Identity Theft & Fraud. Types of Corporate Frauds.
07.03.2019
Avoiding corporate fraud is no easy task considering the great variety of forms of embezzlement and deception that may take place. In the past 20 years, over 1,000 executives have been convicted of corporate fraud.
Attempt to leak the local network topology
02.03.2019
The risk management department spotted one of the lawyers copying the document with the schemes of local networks and communication of the company to the personal flash drive.
Integration of DLP Systems | Integration of DLP Systems in the company
14.11.2018
DLP (Data Leak Prevention) is a comprehensive software product to prevent theft, modification and dissemination of confidential information. DLP-system monitor all the traffic within a protected corporate network.