This is currently an area I've been focusing on for the past month or so. I've been doing a lot of reading, fact finding, research, etc. around the topic of data leakage that occurs when users are essentially stealing data from within your business. This ties into economic espionage, which is another major concern for businesses today.
So what's to say about Insider Threat? It's out there. It's actually more of a risk than "external attack" to your business. Why is that? Well, with insiders, they already have access to the data. This normally isn't any "super secret access" they've managed to secure for themselves through diabolical means. Instead, it's normally access that you've given them based on their role within the organization. "Bob in Accounting? Why, he'll need access to SERVER1, SERVER3, and SERVER44... but we should probably go ahead and grant him access to the CUSTOMER database and the BILLING database, just in case he needs them. No need to make this guy's life difficult. We certainly don't want to get a nasty email from the VP of Finance later!"
Over the next few posts, I'm going to be taking a look at what Insider Threat is, how it happens, and ways we can help mitigate its impact on our business.
Before we get started, I want to really give credit to one of the biggest resources I've found. The book "Insider Threat: Protecting the Enterprise from Sabotage, Spying and Theft" by Eric Cole and Sandra Ring really had some great points in it. It is really one of only a few books out on the topic. There are, of course, many, many surveys, third-party research findings, reports, etc. that I used in putting together the presentation on this topic, but Eric and Sandra's book is very well written. I highly recommend investing in a copy.
Why Do Companies Ignore Insider Threat?
So Why Is Insider Threat a Greater Risk Than External Attack?
It all comes back to risk management and risk assessment. Is it easier for someone to break into your house to steal the money out of your change dish, or for a guest to swipe a few dollars once you've invited him in?
Okay, if you have any great, amusing anecdotes about Insider Threats, please feel free to comment. I love reading them and do try to reply to each.
NEXT TIME: Insider Threat continues with "Prove it! Show us the Statistics!"