At the recent InfoSec conference in London, Secure Computing conducted a survey of IT managers. Their findings are interesting:

Over 80 per cent of respondents said that data leaks by insiders, whether deliberate or accidental, are at the top of their list of security woes.

Only 17 per cent cited external threats posed by cyber-criminals, such as spammers and hackers, as more dangerous.

This shows that insider threats are considered more of an issue than external threats.

IT managers have to worry about all of the threats to their systems and data, and to that end, they analyze each threat and assign a risk level to it. Obviously, this group of managers considers internal threats a higher risk than external threats.

Usually when we’re asked to perform penetration testing, we’re asked to perform it as an outside attacker – with no knowledge of or access to internal systems. I have seen a few clients request internal assessments or testing, but it tends to cost more because of the need for consultants/testers to be on-site – increasing travel/lodging costs.

If you don’t hire an external company to help you evaluate your internal systems and controls, please at least do it yourself. Remember, most IT managers consider internal threats more dangerous.

One thought on “Insider Threats”

  1. Anil Polat says:

    I think this goes against our natural instincts (the same goes for companies, clients, etc.).

    For most of our evolutionary life we’ve really faced mostly external threats – disease, big predators, other groups of people.

    The direction of information security is the same, worry about all of the external threats, trust administrators, and so on.

    Most security “tests” are done from the outside and internal audits can be touchy subjects. I just gave myself the post for tomorrow: balancing trust and security during internal assessments.
