Addresses the security risks that employees introduce to organizations through negligence, poor cyber hygiene, or lack of training. Content covers risk assessment methods, security awareness programs, acceptable use policies, and strategies to minimize human-factor vulnerabilities in the workplace.
posts
In May 2022, a Yahoo research scientist named Qian Sang downloaded roughly 570,000 pages of proprietary source code to his personal devices — just two weeks after accepting a job at a competitor. Yahoo's internal systems flagged the bulk transfer, but only after the damage was done. This
In January 2023, the U.S. Department of Justice charged a former Twitter employee with spying for Saudi Arabia — accessing the personal data of dissidents and handing it to foreign intelligence. He'd worked at the company for years. Passed background checks. Sat in meetings. Nobody flagged a thing
In July 2020, a 17-year-old in Florida convinced a Twitter employee to hand over internal credentials. Within hours, the attacker had hijacked accounts belonging to Barack Obama, Elon Musk, Joe Biden, and Apple — tweeting a Bitcoin scam that netted over $100,000. The most sophisticated firewall in the world wouldn&
A Disgruntled Engineer, a Careless Accountant, and $11.45 Billion in Losses In 2018, a former Tesla employee reportedly sabotaged the company's manufacturing systems and exfiltrated sensitive data to third parties. That same year, countless organizations bled data because an employee clicked a phishing link or misconfigured a
The Breach That Came From the Inside In 2022, a former Twitter employee was convicted of spying on behalf of Saudi Arabia, accessing the personal data of dissidents using nothing more than his legitimate credentials. No malware. No phishing email. Just an insider with access and motive. That case made
