Inside the Insider Threat
We have met the enemy, and he is us
Insider threat is among the biggest challenges security folks face in 2008. The perimeter is dissolving with increased reliance on distributed computing and the mobile workforce, making it more difficult than ever to put up definitive walls around the enterprise. It's a simple reality that we all have to deal with. Check out last month's 2008 Global Information Security Workforce Study conducted by Frost & Sullivan for ISC(2) and SearchSecurity.com's coverage. Two-factor authentication using biometrics as well as physical-logical convergence will gain speed in dealing with the insider threat.
All of a sudden it feels like potentially anyone can be impacted. Check out the stories that have made headlines worldwide, from breaches of Britney Spears' and Farrah Fawcett's medical records to LendingTree customer data being compromised by former employees with still-active passwords. These are scenarios where better access management and strong authentication would have made the difference. The side benefit of implementing strong authentication is often the elevated awareness that security is taken seriously.
And now the feds are involved. They're investigating ties between hospitals and the tabloids to source and pursue the leaks of celebrity medical files.
It's clear insider threats will only become more frequent. It's simply too lucrative, and too easy to hide behind a digital identity. As an enterprise, you better know who your people are, what they are doing, and from where. Or at least get the message out that preventative steps are in the works! (more on this in a future blog).
I actually just had an interesting podcast discussion on this subject with Network World's Keith Shaw that you should check out.
What are your stories? How are you dealing with the insider threat?
--David Ting, CTO