http://www.networkworld.com/news/2010/092710-insider-threats.html By Ellen Messmer Network World September 27, 2010 What's one of the biggest insider threats to the corporate network? The high-tech folks that put it together, make changes to it, and know more about what's on it and how it works than anybody else. When the database, network or systems administrator goes rogue -- stealing data, setting up secret access for themselves, even in anger planting logic bombs to destroy data , or just peeking at sensitive information they know is off limits -- they become the very insider threat that the IT department is supposed to be guarding against. Indeed, IT workers with privileged access to the network are often considered a greater risk and potential danger than other types of employees. "They're different because there's a high risk associated with the potential damage they can do," says Donna Durkin, chief information security and privacy officer for Computershare, a global financial services company. Mike Theis, executive director of insider threat technology for Raytheon, agrees that sys admins and others with privileged-user access are a bigger potential threat than other types of organizational employees. He says his decades-long experience as an investigator in the federal government and commercial sector has shown him that half of detected anomalies -- lapses in accepted protocol -- come from such insiders. [...] _______________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Thu Sep 30 2010 - 00:05:13 PDT
This archive was generated by hypermail 2.2.0 : Thu Sep 30 2010 - 00:13:52 PDT