Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

How CEOs Can Protect Their Organization From the Inside-out

Post by Peter McCalister June 22, 2012

Enterprise security is a topic that makes headlines every day. From successful hack attacks to stories of unsuspecting or malicious employees putting their company’s data at risk, it would seem that no company is immune. In order to truly secure the companies we are responsible for, it’s helpful to put ourselves in the frame of mind of our employees to give us a leg-up on how to protect our organizations from the inside-out.

According to a recent report by the Ponemon Institute titled, The Human Factor in Data Protection, employee negligence or maliciousness is the root cause of many data breaches, with more than 78 percent of respondents blaming employees for at least one data breach within their organizations over the past two years.

Looking at 2011 alone, we saw countless government and financial institutions sabotaged from the inside-out. Let’s start with perhaps the most high-profile case of all – WikiLeaks. The national security risks this posed were immeasurable, not to mention the financial resources it cost the government to respond and react to the information disclosed.

Or what about Computershare? Just days after chairman and founder, Chris Morris, said first-half earnings per share would be down 15 percent, news leaked of an alleged rogue insider at the company. A former employee, (ironically a risk management auditor for the firm) had pilfered thousands of pages of company documents after illegally siphoning them onto a USB drive and then reportedly losing it. And even more recently, solar company SunPower, made news for suing five former employees and Bay Area rival SolarCity, alleging the former employees stole “tens of thousands” of highly sensitive computer files before going to work for the competition.

What these incidents clearly illustrate is that trusted insiders can pose great threats to organizations, but little is being done to mitigate these risks. Insider threats are becoming more prevalent because of the mobility of the workforce, proliferation or mobile data-bearing devices, consumerization of IT and the use of social media in the workplace. “Trusted” employees, partners and vendors operating from inside the perimeters of our organizations can do more damage, faster, than any hacker ever could. It would serve us all well to recognize a few key risky practices employees routinely engage in that have the potential to get us on the front page of the New York Times – but not for the reason we want.

First is password management. Reusing the same password and username for multiple account logins poses a greater risk of compromise, as does the sharing of passwords with others. It’s not uncommon for outside hackers to manipulate employees into sharing password information, sometimes even going so far as to pose as a colleague, and then using that information to launch their attack.

Next are employees that don’t delete information from their computers when it’s no longer necessary to save. This becomes especially dangerous if said employee travels regularly, as lost and stolen laptops are one of the biggest risks organizations face in the fight against accidental insider threats.

And of course we can’t forget the BYOD trend of employees wanting to connect their personally owned devices to corporate networks. Whether it’s a personal cell phone or tablet, or something as simple as a generic USB drive that isn’t safeguarded, these outside devices open gaping holes in any security infrastructure. Just ask Computershare how that played out.

Is there a silver bullet to protect from these human tendencies? Unfortunately, no. However, better managed privileges, along with the judicious use of IT vulnerability management reduces not only the likelihood of attacks, but also just how far the ripple effects of attacks can travel through your organization.

The bottom line is insiders pose threats to what we choose not to defend – or fix. In order to prevent 2012 from becoming another year where insider threats are making headlines on a daily basis we as CEOs need to think like an insider, examining our corporate networks for holes where an attacker or a disgruntled employee could take advantage or a mistake could be made. At the intersection of people, processes and technology that makes up the engine of modern business, it’s human nature that is the weakest link.

Leave a Reply

Additional articles

smart rules manager for vulnerabilities

Staying on Top of the Latest Vulnerabilities with BeyondInsight v5.1

It’s no secret that dozens of new OS and application vulnerabilities are revealed every day. Staying on top of these new exposures normally requires paying for services or subscribing to multiple RSS feeds. BeyondInsight 5.1 provides customers with another option: a built-in, customizable vulnerability alerting system that delivers up-to-date information on the latest vulnerabilities in…

Post by Morey Haber April 21, 2014
, , , , , ,

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
, , , , , , , ,

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
, , , , ,