Linda Musthaler's CIO-level look at the latest networking technologies and their benefits and pitfalls.
When you think of IT security, you probably think of keeping the bad guys out of your IT systems. But what if the “bad guy” is authorized to use those IT systems? Insider threats are real and not so uncommon. A survey conducted by the United States Secret Service, the CERT Coordination Center (CERT/CC), and CSO Magazine found that in cases where respondents could identify the perpetrator of an electronic crime, 20% were committed by insiders.
The losses from crimes and security breaches committed by insiders can be significant, often because these people know precisely where to look to obtain access to financial accounts or intellectual property, and how to circumvent existing security measures. CERT has documented several cases where the damages were quite high, including one complex case of financial fraud that resulted in losses of almost $700 million. In another case, a technical employee of a defense contractor wrote a logic bomb that resulted in $10 million in losses and the layoff of eighty employees. And of course, we all know about the trader at Societe Generale who circumvented internal security to amass losses of $7.7 billion for his bank.
CERT/CC has published a report called "Commonsense Guide to Prevention and Detection of Insider Threats". The information is based on the analysis of more than 150 known cases of malicious insider activity – how they happened and what could have helped to prevent them. The report also includes trends and patterns in the various malicious activities, which fell into categories including insider IT sabotage, fraud and theft of confidential or proprietary information.
As the report says, “insider threats are influenced by a combination of technical, behavioral, and organizational issues, and must be addressed by policies, procedures, and technologies. Therefore, it is important that management, human resources, information technology, and security staff understand the overall scope of the problem and communicate it to all employees in the organization.”
Clearly this is not a battle just for the IT experts to fight, although technology often plays a part in both enabling and preventing insider incidents. At any rate, it’s worthwhile to review the best practices and see how they might work in your own organization.
Linda Musthaler is a principal analyst with Essential Solutions Corporation.