Michael Crouse

2 months ago | securityinfowatch.com | Michael Crouse

Research from the 2024 Verizon Data Breach Investigations Report suggests human error accounts for , while up to 50% of attacks use stolen credentials. Credential theft can happen in a variety of ways. One of the most common is when usernames and passwords are gained through phishing emails or social engineering attacks, in which the employee thinks a request is legitimate when it’s malicious.

Sep 10, 2024 | everfox.com | Andrew B. Distler |Michael Crouse

Traditional Insider Risk & User Activity Monitoring ProgramsEverybody knows why Insider Risk Programs exist. Mainly, to protect the organization from witting or unwitting risky activities performed by individuals with access. Of course, that’s not the only definition, and the wording may vary, but that’s usually the gist of it. Regardless of the words, that sentence just screams “we’re here to catch bad actors and stop bad things!” Which is true.

Sep 4, 2024 | everfox.com | Michael Crouse |Joe Bell

Employees are an organization’s greatest asset. What makes an organization great is not its technology, its processes, or its systems – it’s the people. Historically, the cybersecurity industry has referred to the procedure for protecting organizations and workers from compromise as Insider Threat Programs. According to The Intelligence and National Security Alliance (INSA). “The term ‘insider threat’ is in wide use.

Mar 6, 2024 | federalnewsnetwork.com | Michael Crouse

Cybersecurity is paramount for federal agencies, which is precisely why there is so much change on the horizon. To start, federal civilian agencies must adopt at least some level of zero trust architecture , per the White House Office of Management and Budget. The Defense Department, meanwhile, plans to make zero trust its baseline by 2027. New software supply chain security requirements are also going into effect. Altogether, we’re in a tremendously transitory period for the federal government.

Sep 28, 2023 | fedtechmagazine.com | Michael Crouse

Sep 28 2023 Security Insider cybersecurity breaches are often preceded by anomalous behavior. Damaging cyberattacks — many by sophisticated adversaries ranging from organized crime groups to rival nations — continuously bombard federal agencies. A breach of the MOVEit file transfer service in June is just one of several recent cyber incidents that victimized federal organizations, such as the Department of Energy, but external threats aren’t the only source of government cyber risk.