{"id":18388,"date":"2022-02-28T10:00:34","date_gmt":"2022-02-28T18:00:34","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/02\/28\/news-12121\/"},"modified":"2022-02-28T10:00:34","modified_gmt":"2022-02-28T18:00:34","slug":"news-12121","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/02\/28\/news-12121\/","title":{"rendered":"How Microsoft can help reduce insider risk during the Great Reshuffle"},"content":{"rendered":"<p><strong>Credit to Author: Emma Jones| Date: Mon, 28 Feb 2022 17:00:00 +0000<\/strong><\/p>\n<p>These are exciting and demanding days for organizations adapting to hybrid work realities, including a wider distributed workforce and more rapid change in employee roles. Organizations are becoming more agile as they refocus on employee onboarding and empowerment, opportunities with third-party partners, and cloud transformation. These dramatic shifts drive business resilience and upside in a world still coping with pandemic disruptions.<\/p>\n<p>These workplace shifts test and break an organization\u2019s compliance postures as executive, IT, and risk professionals take stock of resulting gaps and blind spots. Research from Carnegie Mellon University\u2019s CyLab, with support from Microsoft, found that a majority of surveyed organizations had experienced over five malicious insider threat incidents in the last year (69 percent of respondents), and over 10 inadvertent or data misuse incidents (58 percent of respondents).<sup>1<\/sup><\/p>\n<p>Underscoring the stakes of the moment is the business sector\u2019s high-profile challenge: the Great Reshuffle of employee roles and talent. Microsoft\u2019s 2021 Work Trend Index found that 41 percent of the global workforce was considering leaving their employer due to burnout and a lack of workplace flexibility.<sup>2<\/sup> The cyber risk ramifications of reshuffles like this are clear when you consider the data exposure that can occur with a mix of departing employees and new staff unfamiliar with the organization\u2019s security and compliance policies.<\/p>\n<p>The best course of action for navigating the changing data landscape isn\u2019t overly restricting employee access or aggressively punishing small errors. Organizations <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/compliance\/insider-risk-management\">need a solution<\/a> that lends employees the access they need while providing IT teams tools to quickly identify risky insider activity. This balance of trust is critical when implementing an insider risk program and can create a culture of empathy that empowers employees to work safely and independently.<\/p>\n<p>We\u2019re excited to announce a few new features that can help organizations better manage their insider risks, while also facilitating a corporate culture of safety and respect.<\/p>\n<p><div class=\"fluid-iframe\" style=\"\"> \t\t<iframe title=\"Video Player\"  src='https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RWWlkJ' width=\"100%\" height=\"420\" frameborder=\"0\" style=\"\"><\/iframe> \t<\/div>\n<\/p>\n<h2 id=\"improving-insider-risk-management-visibility-context-and-integrations\">Improving insider risk management visibility, context, and integrations<\/h2>\n<p>Identifying and managing security and data risks inside your organization can be challenging. <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/insider-risk-management-solution-overview?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">Insider risk management in Microsoft 365<\/a> helps minimize internal risks by empowering security teams to detect and act on malicious and inadvertent activities in your organization. Where traditional tools and strategies may focus on preventing sensitive data from leaving your organization, insider risk management leverages machine learning to correlate signals around risky user behavior and identify which activities may result in data theft or data leakage. These insights help security teams to identify potential concerns and can help accelerate time to action.<\/p>\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/communication-compliance?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">Communication compliance in Microsoft 365<\/a> helps organizations foster safe and compliant communications across corporate communications. In the world of hybrid work, organizations seek out communication and collaboration tools to empower employees to do their best work. At the same time, they need to manage risk in communications to protect company assets, fulfill regulatory compliance obligations, and detect code of conduct violations, like harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. We are honored that &nbsp;Gartner\u00ae has listed Microsoft as a Leader in its 2022 Magic Quadrant<img decoding=\"async\" src=\"https:\/\/s.w.org\/images\/core\/emoji\/13.1.0\/72x72\/2122.png\" alt=\"\u2122\" class=\"wp-smiley\" style=\"height: 1em; max-height: 1em;\" \/> for Enterprise Information Archiving, a market \u201cdesigned for archiving data sources to a centralized platform to satisfy information governance requirements.\u201d<sup>3<\/sup><\/p>\n<p>Built with privacy by design, the solutions ensure that user names are pseudonymized by default, role-based access controls are built-in, and investigators must be explicitly added by an administrator.<\/p>\n<p>Today, Microsoft is excited to announce new functionalities in insider risk management and communication compliance for Microsoft 365:<\/p>\n<ul>\n<li>Enhancements to sequence detections.<\/li>\n<li>Enhancements and additions to insider risk investigation capabilities.<\/li>\n<li>Enhanced cumulative exfiltration anomaly detection capabilities.<\/li>\n<li>Enhanced audit trail of investigator and analyst activity.<\/li>\n<li>New classifier to detect customer complaints made about your organization&#8217;s products or services in communication compliance.<\/li>\n<\/ul>\n<p>Microsoft 365 E3 customers are welcome to sign up for an <a href=\"https:\/\/signup.microsoft.com\/signup\/logout?OfferId=7B74C69A-2BFC-41C9-AAF1-23070354622D\" target=\"_blank\" rel=\"noreferrer noopener\">Insider Risk Management Trial<\/a> or the <a href=\"https:\/\/signup.microsoft.com\/signup\/logout?OfferId=d53d8416-fd1f-4552-831c-b5828ef2cbde&amp;ali=1\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft E5 Compliance Trial<\/a> through the Microsoft compliance center.<\/p>\n<h3 id=\"enhancements-to-sequence-detections\">Enhancements to sequence detections<\/h3>\n<p>To help security and risk management teams accelerate time to action when it comes to insider risk management, it\u2019s important to provide a rich context of risky user activity that goes beyond a transactional view.<\/p>\n<p>In 2021, we introduced <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/insider-risk-management-policies?view=o365-worldwide#sequence-detection-preview\" target=\"_blank\" rel=\"noreferrer noopener\">sequence detection<\/a> to help analysts and investigators identify a series of connected activities and get a better understanding of intent. Today, we\u2019re excited to announce enhancements to our sequence detections, including the ability to identify changes in document sensitivities, such as a document label being downgraded from Confidential to Public in an effort to evade detections. Insider risk can also detect sequences that may start on an endpoint device, providing greater visibility into the risky activity that may start on a workstation or device. We\u2019ve also included additional exfiltration signals to broaden the coverage of sequences, including visibility for when a user uploads data to a cloud as a potential exfiltration step.<\/p>\n<h3 id=\"enhancement-and-additions-to-insider-risk-investigation-capabilities\">Enhancement and additions to insider risk investigation capabilities<\/h3>\n<p>With insider risk management, your security, data protection, or investigative teams have new tools and capabilities to better understand and investigate the risky activities happening in your environment.<\/p>\n<p>This update includes an improved user experience for drilling down into sequences within the activity explorer. With these latest updates, security teams can get better insights into user activity types, including the ability to filter by activity category in the user activity view.<\/p>\n<p>The improved alert triage experience in insider risk management includes a new summary user alert history timeline to provide better context, as well as an enhanced alert overview page.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"1432\" height=\"805\" src=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1.jpg\" alt=\"New summary alert timeline in Insider Risk provides context on risky user activity.\" class=\"wp-image-107610\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1.jpg 1432w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-300x169.jpg 300w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-1024x576.jpg 1024w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-768x432.jpg 768w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-687x385.jpg 687w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-1083x609.jpg 1083w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-767x431.jpg 767w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/GRS-1-539x303.jpg 539w\" sizes=\"auto, (max-width: 1432px) 100vw, 1432px\" \/><\/figure>\n<p>Furthermore, insider risk management administrators can now set up email notifications for high severity alerts or for policy health recommendations.<\/p>\n<h3 id=\"enhanced-cumulative-exfiltration-anomaly-detection-capabilities\">Enhanced cumulative exfiltration anomaly detection capabilities<\/h3>\n<p>With cumulative exfiltration anomaly detection (CEAD) in insider risk management, organizations can leverage machine learning models to detect when a user\u2019s exfiltration activities exceed the organizational averages. This can help to detect exfiltration activities that security teams might traditionally miss through data loss prevention (DLP) or structured policies alone. <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/insider-risk-management-policies?view=o365-worldwide#cumulative-exfiltration-detection-preview\" target=\"_blank\" rel=\"noreferrer noopener\">Learn more about CEAD.<\/a><\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"717\" height=\"340\" src=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-1.jpg\" alt=\"Enhanced alert review experience, including the new visual for cumulative exfiltration anomaly detection.\" class=\"wp-image-107460\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-1.jpg 717w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-1-300x142.jpg 300w\" sizes=\"auto, (max-width: 717px) 100vw, 717px\" \/><\/figure>\n<p>With these latest updates, there are new visuals to represent potentially risky activity, making it easier for investigative or analyst teams to review and triage user activity against the organizational normal. CEAD will also prioritize cumulative exfiltration of sensitive documents based on prioritized SharePoint sites and built-in <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/sensitive-information-type-learn-about?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">sensitive information types<\/a>, as well as Microsoft Information Protection (MIP) label prioritization. &nbsp;<\/p>\n<h3 id=\"enhanced-audit-trail-of-investigator-and-analyst-activity\">Enhanced audit trail of investigator and analyst activity<\/h3>\n<p>When security or investigative teams are looking into organizational activity, it is crucial that investigations align with regulatory requirements and your organization\u2019s compliance and security policies. It is also key to ensuring objectivity on the part of the investigators and analysts who are reviewing user activities.<\/p>\n<p>Microsoft is announcing new audit events for insider risk management, including audit events of activities within the content explorer, activity explorer, and user timeline. These additional audit log events mean that anyone reviewing audit logs will have a better understanding of what investigators or analysts did within the insider risk management interface.<\/p>\n<h3 id=\"new-customer-complaints-model-in-communication-compliance\">New customer complaints model in communication compliance<\/h3>\n<p>In highly regulated industries, such as financial services, pharmaceuticals, and food, organizations are mandated by law to track and address customer complaints made on their products or services. We are excited to announce the preview of a new customer complaint classifier that detects possible complaints filed by customers and surfaces matches for customer complaint management.<\/p>\n<p>This new feature can help organizations meet regulations that mandate detection and triage of complaints, such as the Consumer Financial Protection Bureau and the Food and Drug Administrator requirements. Additionally, this feature can help organizations gain insight into how to improve their products and services.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" loading=\"lazy\" width=\"1434\" height=\"845\" src=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-2.jpg\" alt=\"View of customer complaints classifier during policy configuration.\" class=\"wp-image-107463\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-2.jpg 1434w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-2-300x177.jpg 300w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-2-1024x603.jpg 1024w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-2-768x453.jpg 768w, https:\/\/www.microsoft.com\/security\/blog\/uploads\/securityprod\/2022\/02\/IRM-2-440x260.jpg 440w\" sizes=\"auto, (max-width: 1434px) 100vw, 1434px\" \/><\/figure>\n<h2 id=\"microsoft-partners-with-other-security-leaders-to-address-insider-risk\">Microsoft partners with other security leaders to address insider risk<\/h2>\n<p>In addition to our work in growing the capabilities of our insider risk management and communication compliance solutions, Microsoft is focused on reducing insider risks through partnerships and knowledge sharing. <strong>Microsoft is a Founding Research Sponsor of MITRE Engenuity\u2019s Center for Threat-Informed Defense (Center), which launched a knowledge base to identify insider threats.<\/strong> See the Center\u2019s <a href=\"https:\/\/medium.com\/mitre-engenuity\/launching-a-community-driven-insider-threat-knowledge-base-20a249acb2f\" target=\"_blank\" rel=\"noreferrer noopener\">release announcement here.<\/a><\/p>\n<p>This latest resource from the Center is designed to help insider threat programs and security operation centers (SOCs) \u201cdetect, mitigate, and emulate insider actions on IT systems\u201d and to stop those behaviors deemed risky or damaging. <a href=\"https:\/\/ctid.mitre-engenuity.org\/our-work\/insider-ttp-kb\/\" target=\"_blank\" rel=\"noreferrer noopener\">These resources<\/a> include a Knowledge Base of Tactics, Techniques, and Procedures (TTPs) and the Design Principles and Methodology report.<\/p>\n<p>As a Founding Research Sponsor, Microsoft researchers and security practitioners collaborated with other security industry partners to share TTPs and insights for what we are seeing in the insider risk space. \u201cMicrosoft\u2019s work with the Center team and other security leaders confirms that <a href=\"https:\/\/resources.sei.cmu.edu\/asset_files\/TechnicalReport\/2019_005_001_540647.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">insider risks pose a huge threat<\/a> and that <a href=\"https:\/\/www.mitre.org\/publications\/project-stories\/the-human-factor-using-behavioral-science-to-counter-insider-threats\" target=\"_blank\" rel=\"noreferrer noopener\">detection requires context beyond standard TTPs<\/a>. Through this program, Microsoft\u2019s Digital Security and Resilience and engineering teams partnered with and learned from others, and we are excited to see the collaboration in this space grow,\u201d shared Rob McCann, Principal Data Scientist in Microsoft\u2019s Security Research division. \u201cThis initial Knowledge Base sets the stage for industry-wide expansion and increased awareness of insider risk across the security community, and helps lay a foundation for further development and understanding of the insider risk landscape. This is an exciting step forward, and we\u2019re grateful to have been a part of it.\u201d<\/p>\n<p>The insights and learnings from Microsoft\u2019s participation in the Center have reaffirmed the priorities that have shaped Microsoft\u2019s investments, both internally and in solutions available to our customers, including insider risk management.<\/p>\n<h2 id=\"building-an-effective-insider-risk-program\">Building an effective insider risk program<\/h2>\n<p>Over the past 18 months, we have seen high-profile insider risk incidents across a number of industries, ranging from data theft to corporate code of conduct violations. Recent high-profile examples have included the theft of confidential documents related to COVID-19 vaccines in the pharmaceutical industry to workplace harassment.<\/p>\n<p>PwC and Microsoft advocate for an enterprise-wide approach to insider risk by leveraging key stakeholders to identify potential insider risks and tailor technical controls to address them. See how your organization can benefit from this approach by downloading the PwC and Microsoft whitepaper <a href=\"https:\/\/www.pwc.com\/us\/en\/services\/alliances\/microsoft\/cybersecurity\/insider-risk-management.html\" target=\"_blank\" rel=\"noreferrer noopener\">Building an effective insider risk management program<\/a>.<\/p>\n<h2 id=\"get-started\">Get started<\/h2>\n<p>These new features in insider risk management and communication compliance for Microsoft 365 have already rolled out or will start rolling out to customer tenants in the coming weeks. These solutions are also generally available across government clouds, supported in Government Community Cloud (GCC), GCC-High, and US Department of Defense (DoD) tenants.<\/p>\n<p>We are happy to share that there is now an easier way for you to try Microsoft compliance solutions directly in the <a href=\"https:\/\/compliance.microsoft.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft 365 compliance center<\/a>. By enabling the trial in the compliance center, you can quickly start using all capabilities of Microsoft Compliance, including insider risk management, communication compliance, records management, Advanced Audit, Advanced eDiscovery, MIP, DLP, and Compliance Manager.<\/p>\n<p>If you are a current Microsoft 365 E3 user and interested in experiencing insider risk management, check out the <a href=\"https:\/\/signup.microsoft.com\/signup\/logout?OfferId=7B74C69A-2BFC-41C9-AAF1-23070354622D\" target=\"_blank\" rel=\"noreferrer noopener\">Insider Risk Management Trial<\/a> or the <a href=\"https:\/\/signup.microsoft.com\/signup\/logout?OfferId=d53d8416-fd1f-4552-831c-b5828ef2cbde&amp;ali=1\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft E5 Compliance Trial<\/a> to see how <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/compliance\/insider-risk-management\">insider risk solutions<\/a> and analytics can give you actionable insights.<\/p>\n<p>Learn more about how to get started and configure policies in your tenant in the supporting documentation for <a href=\"https:\/\/docs.microsoft.com\/microsoft-365\/compliance\/insider-risk-management-plan\" target=\"_blank\" rel=\"noreferrer noopener\">insider risk management<\/a> and <a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/compliance\/communication-compliance?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">communication compliance<\/a>. Keep a lookout for updates to the documentation with information on the new features over the coming weeks.<\/p>\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<div style=\"height:30px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<hr class=\"wp-block-separator is-style-wide\"\/>\n<p><sup>1<\/sup><a href=\"https:\/\/cylab.cmu.edu\/_files\/documents\/summary-irm-survey-results-20210331.6.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Insider Risk Management Program Building: Summary of Insights from Practitioners<\/a>, CyLab, Carnegie Mellon University. May 2021.<\/p>\n<p><sup>2<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/blog\/2021\/09\/28\/the-great-reshuffle-and-how-microsoft-viva-is-helping-reimagine-the-employee-experience\/#:~:text=Microsoft%E2%80%99s%202021%20Work%20Trend%20Index%20found%20that%2041,experts%20are%20referring%20to%20as%20The%20Great%20Reshuffle1.\" target=\"_blank\" rel=\"noreferrer noopener\">The Great Reshuffle and how Microsoft Viva is helping reimagine the employee experience<\/a>, Seth Patton, Microsoft 365. September 28, 2021. <\/p>\n<p><sup>3<\/sup><a href=\"https:\/\/www.gartner.com\/doc\/reprints?id=1-2866IAUH&amp;ct=211118&amp;st=sb\" target=\"_blank\" rel=\"noreferrer noopener\">Gartner, Magic Quadrant for Enterprise Information Archiving<\/a>, Michael Hoeck, Jeff Vogel, Chandra Mukhyala, Gartner. January 24, 2022.<\/p>\n<p>Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and\/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.<\/p>\n<p>Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner\u2019s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/02\/28\/how-microsoft-can-help-reduce-insider-risk-during-the-great-reshuffle\/\">How Microsoft can help reduce insider risk during the Great Reshuffle<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/02\/28\/how-microsoft-can-help-reduce-insider-risk-during-the-great-reshuffle\/\" target=\"bwo\" >https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Emma Jones| Date: Mon, 28 Feb 2022 17:00:00 +0000<\/strong><\/p>\n<p>These are exciting and demanding days for organizations adapting to hybrid work realities, including a wider distributed workforce and more rapid change in employee roles. These dramatic shifts drive business resilience and upside in a world still coping with pandemic disruptions.  <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/02\/28\/how-microsoft-can-help-reduce-insider-risk-during-the-great-reshuffle\/\">How Microsoft can help reduce insider risk during the Great Reshuffle<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[12534,24073,25159,4500],"class_list":["post-18388","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security","tag-compliance","tag-compliance-and-security","tag-compliance-series","tag-cybersecurity"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=18388"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/18388\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=18388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=18388"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=18388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}