[ISN] Insiders are main computer security threat

From: InfoSec News (isnat_private)
Date: Tue Jun 19 2001 - 23:58:19 PDT

  • Next message: InfoSec News: "[ISN] 'Unstable' Hacker Faces Jail Time"

    REUTERS in San Francisco 
    Wednesday, June 20, 2001
    Disgruntled insiders and accounts held by former employees are a
    greater computer security threat to United States companies than
    outside hackers, according to a survey released on Tuesday.
    Authorised users are by far a company's biggest security threat,
    according to the survey, which was conducted by market research firm
    Digital Research for security software developer Camelot and eWeek
    "It's a real issue that departments apparently can't keep up with
    closing accounts in a timely fashion," said Moti Dolgin, senior
    vice-president and general manager of Camelot's Americas unit.
    Of the 548 online surveys completed last week by eWeek readers, 57 per
    cent of respondents said their worst security breaches were from
    corporate users tapping unauthorised information. The second biggest
    problems reported were those created by user accounts left active
    after employees had left the company.
    Only a minority of 21 per cent complained that outsiders gaining
    access to sensitive information by hacking was their most pressing
    "In most cases users get access to much more information than they
    actually need to do their job," said Mr Dolgin.
    The view that the biggest security threat is internal may come as a
    surprise, given the media play that malicious hackers generate.
    "Hacker attacks do get more of their share of media attention and
    certainly are much more hyped," Mr Dolgin said. "One of the reasons is
    that companies, many times, are hesitant to disclose attacks by
    The survey also found that companies are spending more on securing
    their networks, in the view that prevention is cheaper than damage
    Nearly half the companies responding to the survey said they are
    increasing their budget for network security software and hardware.
    Haifa, Israel-based Camelot sells software that sets and monitors
    user-access permission. Unlike systems that rely on manual
    configuration, the software detects when a user is no longer active on
    the network and automatically shuts down their access.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Wed Jun 20 2001 - 00:18:40 PDT