Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 1 October, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The Guru Briefing: Joe Hoofnagle, Nuix

by The Gurus
March 28, 2016
in News, This Week's Gurus
Share on FacebookShare on Twitter

The Guru sat down with Nuix VP of Business Threat Intelligence and Analysis Joe Hoofnagle and asked him about a range of topics – from compliance to data analysis, see below for how companies are adapting and what the latest in analytics and security can help us accomplish today.
Guru: How can data analysis be applied to combat insider threats?
JH: It’s often thought (and preached in the industry) that organisations need to comb through every byte of data to uncover insiders looking to do harm or steal. In fact most products on the market today tout this very idea, claiming that they will search through all manner of bits and bytes to uncover companies’ issues via “behavioural analysis”. While that may be great for the data scientists of the world, most people who find themselves dealing with insider issues are typical incident responders struggling to capture and fix all they can.
Although technology is thought to be boundless, human interaction with technology is definitely not. When conducting data analysis surrounding insider threats, organisations need to focus on the tactics, techniques, and procedures one would use to access and steal information. This is actually quite simple. Remember, there are only so many ways a person can take information, for example using USB drives, cloud storage, personal email and printed data.
Guru: Is the solution to insider threats based on people or technology? Or a mix?
JH: Definitely a mix! The right technology is key, however good old detective tactics are also in order. Analysts and responders need to understand the stories that their tools are telling them, connect digital evidence to human activities, and communicate throughout their organisations to make these connections.
It takes more than just tools and technical wizards to create an effective insider threat program and gain a greater understanding of the scope of issues they find.
Guru: How do you ensure security teams aren’t drowning in data as they work?
JH: By focusing on what matters most to the organisation. If it tries to secure everything, it runs the risk of winding up protecting nothing. Identifying critical value data and placing security emphasis and efforts there will keep the organisation sane, and will also reduce costs associated with its security programmes.
Will compliance with regulations help combat the insider threat? Will guidelines such as the GDPR help companies handle data more securely? Compliance is a great first step in any security effort. However, it should only be considered as the foundation of their efforts to comply and protect. Companies also need to understand what policies, procedures, controls, and enforcement mechanisms they need to put in place in order to truly address possible security issues and not just limit themselves to “comply”.
Guru: Lots of people are telling enterprises to prepare for the GDPR, what do you think the important first step is on the way to meeting its requirements?
JH: As a first step, organisations should assess the requirements as outlined in GDPR guidance. Most will find they already have some semblance of these directives in place and may only need to add or adjust how they handle personal data of EU residents.
The bigger issue is that sometimes, organisations consider compliance as a “check box” they need to fill out.  In order to be truly be effective, appropriate policies, procedures, controls, and enforcement mechanisms need to be in place to ensure responsibility and accountability.
Guru: Is the security industry prepared to comply? Or will security teams be stretched too far?
JH: New and existing laws, directives, and guidance seem to be pulling teams into many different directions. Although when you really take a look at most of the new laws they all have one common theme; protect data. So, many of an organisation’s existing controls can be reutilised or readjusted to meet the requirements.
Thanks to Joe for speaking with us – if you want to learn more about what Nuix is working on then visit their website: http://www.nuix.com/

FacebookTweetLinkedIn
Tags: Big DatabyteCloudComplianceCyber Securitydatadata analysisemailenforcementgdprguru briefingincident responseinsider threatsjoe hoofnaglenuixsecurityThreat IntelligenceUSB
ShareTweet
Previous Post

Cyber security budgets on the rise but not in line with threats

Next Post

Bitcoin startup Coinkite closes wallet service due to “BS” of DDoS attacks, dealing with lawyers

Recent News

Guide to ransomware and how to detect it

Guide to ransomware and how to detect it

September 28, 2023
software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information