Globally, over one-third of businesses are impacted by insider threats every year, with organizations experiencing a 47% increase in insider incidents since 2018.

Regardless of whether these incidents are malicious or accidental, the ease of access to critical information possessed by insiders and difficulty identifying, tracking, and quantifying their damage makes this a critical risk that organizations must address.
​
Pathfynder is at the forefront of establishing and maturing insider threat programs for global organizations. The following case study covers an insider threat engagement with a Fortune 50 company.

BE ON THE LOOKOUT – to our peers in the industrial manufacturing, shipping, and logistics industries, there is an active adversary purchasing look-alike domains to execute business email compromise against you.

We've looked forward to this release since March and have incorporated these sub-techniques in our threat modeling process. We've found the increased technique fidelity and the ability to address more nuanced adversary behaviors to be really impactful.

From MITRE ATT&CK:

"We’re excited to announce the release of ATT&CK with sub-techniques! We released a beta preview of the content in March, and now (with some small updates and fixes) it has become the current version of ATT&CK. Our hope is that this sets up ATT&CK on a much more sustainable path for the years to come. You can find the new version of ATT&CK and what's changed on our website (https://lnkd.in/e_DrbMC).

We've also released a new blog post pulling together what's changed, why, and how to shift to this new version of ATT&CK."