I've done a lot of work in the past few weeks trying to get you to truly understand the person we've dubbed "The Insider". We've discussed who they are, and why they do what they do. Today I'm going to be looking at exactly what it is these insiders are trying to take. What are the targets?
Intellectual Property. Trade Secrets. It's all the same. Property that your company has invested a large amount of money in developing and producing. One of the key points that I try to drive at every security presentation I deliver is the importance of doing asset valuation and data classification. It's right about now that you should be asking yourself, "What do I have within my org that someone would want?" That's a really good question....how do we determine that? The beauty of this, is that for once, you are not alone. It's not just up to the security guys to determine what is/is not valuable to the organization. It's a collaborative effort between you and the business owners to determine the key data. It's anything that gives your business competitive advantage. Some are fairly obvious. If you're Coca-Cola or Kentucky Fried Chicken, then it's their secret formulas (Mmmm.....extra crispy and an ice cold Coke. Yummy). But what about the other stuff?
Here are some items that your competition will be targeting, along with a brief explanation:
If the above items weren't enough, then there even a few bonus targets that the insiders may try and acquire. Here's a brief list:
I think we understand the data that's being targeted inside your organization. This is not an exhaustive list! You need to use this as a starting point, and take it from there!! Remember to do the proper risk assessment, and assign appropriate valuation to assets. These examples should be a good starting point.
Next time, we're going to get into discussing the way the bad guys are getting the info when they don't have access, and we'll end with a discussion of various tradecraft they use to exfiltrate the data from your company. Gear up, we're about to learn the how of spycraft.
NEXT TIME: Insider Threat continues with: "Getting Your Data Through Social Engineering"