10/8/18: Dtex, Insider Threat, Privacy News: Dtex Earns Leadership, Product Awards; Insider Compromises French Law Enforcement Agency; The Big Hack
Last week, awards organizations based in the United Stated and United Kingdom recognized Dtex for its product excellence and leadership. The Golden Bridge Awards honored the Dtex Advanced User Behavior Platform for innovations in insider threat detection. The SecuritySerious awards named Dtex VP of EMEA Mark Coates as Best Cyber Security Sales Leader. It named Dtex Insider Threat Specialist Katie Burnell as runner up in the Apprentice Rising Star category. The combination of product and people awards further validated that Dtex delivers to its customers powerful technology and amazing human expertise.
Katie and Mark were recognized during the SecuritySerious awards reception in London last week. Dtex will receive its Gold award for Data Protection Innovation later this month during a black tie gala. You can read more about the SecuritySerious awards in ComputerWeekly and Infosecurity Magazine.
Insider Threat News
The insider threat continues to find its way into headlines. A few from last week demonstrating that it is an international issues that plagues the private and public sectors include:
- French police officer caught selling confidential police data on the dark web. By Catalin Cimpanu of the ZDNet Zero Day blog, it details how a French police officer was charged and arrested last week for selling confidential data on the dark web in exchange for Bitcoin.
- The FBI and Corporate Directors: Working Together to Keep Companies Safe from Cyber Crime. In an official Federal Bureau of Investigations (FBI) speech transcript, Director Christopher Wray told the National Association of Corporate Directors and Global Board Leaders, "We’re worried about a wider range of threat actors, from multi-national cyber syndicates and insider threats to hacktivists."
- Amazon Fires Employee for Sharing Customer Emails. This story in The Wall Street Journal by Laura Stevens reports that last Friday, Amazon notified some customers that their email addresses were shared with an outside seller on its platform in violation of the company’s policy. Amazon said it had identified and fired the employee responsible for sharing the information. No other customer information was disclosed, and the seller who received it was blocked from selling on Amazon, the company said.
- Data Breach Notification: Quest Nutrition. This report to the California Attorney General data breach reporting site reveals that negligent and vulnerable employees of this leading online retailer of consumer snack foods caused a data breach after falling for a phishing attack.
The Big Hack
The Big Hack continues to dominate security news. The blockbuster Bloomberg Businessweek story alleges that China's military may have planted surveillance hardware on motherboards that have an almost ubiquitous presence across the world's biggest tech and cloud providers. Since hitting the newsstands, hundreds of follow-on stories and opinions have published. One was particularly interesting. It revealed that the allegations could impact the $10 billion United States Department of Defense (DoD) JEDI project clout contracts. It also included multiple insights from cybersecurity experts on the seriousness of the implications and what could be done to mitigate them. David Wilcox, Dtex VP of Federal, weighed was invited to weigh in:
David Wilcox, a cybersecurity expert who spent 37 years at the National Security Agency, said if the reports are correct, Amazon did the right thing. “They took their product and had it scanned by a security company that was doing their job."
Read the entire story: China Spy Chips Report Adds Pressure on Pentagon Cloud Security
It is important to mention that named companies in The Big Hack included Apple, Amazon Web Services (AWS) and Supermicro. All have denied the claims, with US and foreign government agencies supporting their assertions.