[ISN] Insiders are main computer security threat

From: InfoSec News (isnat_private)
Date: Tue Jun 19 2001 - 23:58:19 PDT

Next message: InfoSec News: "[ISN] 'Unstable' Hacker Faces Jail Time"

Previous message: Robert G. Ferrell: "Re: [ISN] IT's hottest job? Security expert"
Next in thread: InfoSec News: "Re: [ISN] Insiders are main computer security threat"
Reply: InfoSec News: "Re: [ISN] Insiders are main computer security threat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://technology.scmp.com/techbiz/ZZZ8CXNL5OC.html

REUTERS in San Francisco 
Wednesday, June 20, 2001

Disgruntled insiders and accounts held by former employees are a
greater computer security threat to United States companies than
outside hackers, according to a survey released on Tuesday.

Authorised users are by far a company's biggest security threat,
according to the survey, which was conducted by market research firm
Digital Research for security software developer Camelot and eWeek
magazine.

"It's a real issue that departments apparently can't keep up with
closing accounts in a timely fashion," said Moti Dolgin, senior
vice-president and general manager of Camelot's Americas unit.

Of the 548 online surveys completed last week by eWeek readers, 57 per
cent of respondents said their worst security breaches were from
corporate users tapping unauthorised information. The second biggest
problems reported were those created by user accounts left active
after employees had left the company.

Only a minority of 21 per cent complained that outsiders gaining
access to sensitive information by hacking was their most pressing
concern.

"In most cases users get access to much more information than they
actually need to do their job," said Mr Dolgin.

The view that the biggest security threat is internal may come as a
surprise, given the media play that malicious hackers generate.

"Hacker attacks do get more of their share of media attention and
certainly are much more hyped," Mr Dolgin said. "One of the reasons is
that companies, many times, are hesitant to disclose attacks by
insiders."

The survey also found that companies are spending more on securing
their networks, in the view that prevention is cheaper than damage
control.

Nearly half the companies responding to the survey said they are
increasing their budget for network security software and hardware.

Haifa, Israel-based Camelot sells software that sets and monitors
user-access permission. Unlike systems that rely on manual
configuration, the software detects when a user is no longer active on
the network and automatically shuts down their access.




ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribeat_private

Next message: InfoSec News: "[ISN] 'Unstable' Hacker Faces Jail Time"
Previous message: Robert G. Ferrell: "Re: [ISN] IT's hottest job? Security expert"
Next in thread: InfoSec News: "Re: [ISN] Insiders are main computer security threat"
Reply: InfoSec News: "Re: [ISN] Insiders are main computer security threat"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 20 2001 - 00:18:40 PDT