Today, one of the standard cybersecurity tools is to constantly monitor the Dark Web – the global go-to destination for criminals – for any clues that the trade secrets and other intellectual property belonging to the organisation have been compromised.
The issue lies in the fact that the majority of chief information security officers (CISOs) and security operations centre (SOC) managers generally assume that any discovery of sensitive company data indicates that their enterprise systems have been successfully compromised. That’s what it might very well mean, but it could also mean a hundred different things. The data may have been stolen from a supply chain partner, a corporate cloud site, a shadow cloud site, an employee’s home laptop, a corporate backup provider, a corporate disaster recovery firm, a smartphone, or even a thumb drive that was pilfered from a car.
When dealing with everyday intellectual property, such as consumer personal identifiable information (PII), healthcare data, credit card credentials, or designs for a military weapons system, knowing that some version of it has been acquired is useful. However, it is nearly hard to know what to do unless the location, timing, and manner of the theft are known.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: