Industry View
The Enemy Inside
A realistic approach to prioritizing actions to prevent privileged user or insider security threats.
By Kristin Gallina Lovejoy
Bonus Control: Implement Security Awareness ("Neighborhood Watch") Training Programs. The first line of defense from insider threats is other insiders. In fact, according to a recent CERT study, most insider attacks were identified by other insiders. As a general rule, security awareness and training programs should cover all employees and contractors, define why security policies and procedures exist, define how they are enforced and outline what the consequences will be for infractions.
There are three "gotchas" associated with this control. First, the value of awareness programs degrades over time, so effective awareness programs must be repeated at regular intervals. Second, it is hard to justify the ROI for training; therefore, these programs are traditionally underfunded. Third, they are often conducted by personnel who lack teaching skills or who have no security knowledge.
In Summary
Theodore Roosevelt once said, "The best executive is one who has sense enough to pick good people to do what he wants done, and self-restraint enough to keep from meddling with them while they do it." While we all know this to be true, we also need to recognize that without control and accountability, our privileged insiders can cause us the greatest harm.
With the ever-increasing reliance on the Internet and on connected partner companies, the lines between insiders and outsiders, and between the traditional internal and external boundaries of the organization, have disappeared.
The root of internal compliance policies is to protect the rights and interests of the employees, including privileged users, and shareholders. The good news is that reducing the risk of insider attack by privileged users without inhibiting our business operations is possible. It just takes some common sense, a crash course in human psychology and a good dose of technical savvy. Or, in other words, "Speak softly and carry a big stick; you will go far." (Theodore Roosevelt)