Data providers, healthcare institutions, banks, and governments need to prevent unintentional loss of private or sensitive data, but their core business requires them to exchange, or even sell, private or sensitive data - a process completely counter to data loss prevention (DLP). While not the core issue they faced, the Equifax breach highlights this DLP challenge. The vulnerability exposed Equifax to a massive data exfiltration through an "exit" from which they would normally expect sensitive information to leave. Current tools do not help enterprises that need to "break the rules" and push protected data externally - the very process those tools were designed to counter. A system that prevents accidental and intentional release of enterprise sensitive data can't effectively guard the gateway where the largest amount of sensitive data enters and leaves the enterprise. Public and private data providers are critical to helping businesses succeed, but they also need to know how to more effectively mitigate improper exfiltration of data through the very gateways they need to serve their customers and business partners.
Live by my simple adage in cybersecurity: "Machines Don't Do Bad Things, People Do." When you look at the potential vectors of cyber, physical, and personnel threats, the vulnerabilities, the mistakes, and the attacks can all be traced back to a person. Using this adage in building a cyber defense strategy provides a new kind of framework to measure and reduce threats. The challenge: even though you may see a machine going awry, it is really, really hard to find the "bad guy" before the vulnerability is exploited or the attack is in play. So, in an effort to come at this problem a new way, let's examine "Brent's Inverted Corollary of Cybersecurity" (breaking news): "Machines Don't Do Good Things, People Do."
Common misconceptions related to the proper and cost-effective application of biometrics across health care, financial institutions, and the public sector. Biometrics are functional and cost-effective tools when used to manage risk by linking the identity presented for a transaction to an identity previously registered. Biometrics are, however, less than ideal for cases in which a biometric collected at the transaction is compared (to find a match) with a massive biometric database of customers, patients, and even threat actors.