#insider-risk

[ follow ]
#cisa #chatgpt #data-leakage #trade-secrets #employee-confidentiality #family-analogy #data-loss #unsanctioned-ai
fromTechCrunch
1 day ago

Trump's acting cybersecurity chief uploaded sensitive government docs to ChatGPT | TechCrunch

The acting head of U.S. cybersecurity agency CISA uploaded sensitive contracting documents marked "for official use only" to ChatGPT, according to Politico. The outlet, citing officials, reported Tuesday that CISA's acting director, Madhu Gottumukkala, appointed by Trump, triggered multiple automated security warnings that are designed to prevent the theft or inadvertent disclosure of government files from federal networks. Gottumukkala was reportedly granted an exception to use ChatGPT earlier in his tenure as CISA director at a time when other employees were prohibited.
US politics
Intellectual property law
fromGlobal IP & Technology Law Blog
2 months ago

TWO NONNAS, ONE SECRET SAUCE: Who Stirred The Pot, Who Spilled The Beans, And How To Protect Your Trade Secrets From Walking Out With The Leftovers (Sorry, Cousin Tony!)

Employees and trusted insiders pose the greatest risk to trade secret leakage, analogous to grandchildren unintentionally exposing a family recipe.
fromSecuritymagazine
3 months ago

Security Leaders Share Why 77% Organizations Lose Data Due to Insider Risks

"Every day, organizations face a spectrum of insider risk, from accidental missteps to deliberate sabotage," states Dr. Margaret Cunningham, Vice President of Security & AI Strategy at Darktrace. "The high-profile cases we see in headlines - sabotage, bribery, espionage - are real and damaging, but they're relatively rare. The daily reality is far more mundane: employees forwarding files to personal accounts, bypassing controls to meet deadlines, or uploading sensitive data into unsanctioned AI tools. These 'tiny crimes' are normalized behaviors that, at scale, create significant organizational risk."
Information security
Information security
fromInfoWorld
4 months ago

When personal ambitions undermine enterprise security

Security professionals prioritizing career advancement over cloud security increase organizational risk of breaches and operational failures.
fromSecuritymagazine
5 months ago

Take a Look Inside: Managing and Mitigating Insider Risk

All individuals with access to or knowledge of an organization's computers, networks, facilities, information, or personnel are potential insider threats, including vendors and contractors. The ability to intentionally use or accidentally misuse any of this information can breach confidentiality, reveal trade secrets, cause a data security incident, or harm an organization's personnel, ultimately impacting its reputation and ability to do business.
Information security
[ Load more ]