
Are your biggest security threats on the inside?

David Weldon | Sept. 28, 2015
Ask most computer pros to talk about IT security, and you’ll likely hear about all sorts of external threats, like malware, hackers, spyware, DoS attacks and the like. But what if the bigger – and more costly – threat comes from within?

The now infamous Ashley Madison website has had a pretty successful run at helping its clientele be disloyal. So perhaps some would view it as poetic justice if the website became one of the most scandalous breaches in history at the hands of one of its own. 

At least that is the conclusion of IT security analyst John McAfee, who noted recently “yes, it is true. Ashley Madison was not hacked – the data was stolen by a woman operating on her own who worked for Avid Life Media.” 

If true, the fact that the Ashley Madison breach was due to an internal, and not external, threat shouldn’t come as too big a surprise. Many IT security studies this year have pointed to the growing threat of insider data theft and corporate breaches. 

In some cases, insider threats can be more financially damaging and more difficult to defend against. After all, external threats involve someone trying to break in. The insider threat already has the keys to the front door and knows where the family jewels are stored. 

Still, external and internal threats often share one key motive – the desire to profit from data. With external threats, hackers are traditionally looking to steal data that they can sell on the black market. With internal threats, the incident may involve an employee – or former employee – looking to cash in on something they developed or strategic information that competitors want. 


That was the case this January in Boston, when the Procter & Gamble Company filed suit against four former Gillette Company employees, accusing them of wrongfully using and disclosing confidential information and trade secrets to a direct competitor. 

In July, an employee of Merit Health Northwest Mississippi was accused of removing patient information from the facility over a two-year period without authorization. The employee reportedly stole patient names, addresses, dates of birth, Social Security numbers, health plan information and clinical information, all for the purpose of identity theft. 

Perhaps the most difficult to defend against is the disgruntled employee, notes Jane LeClair, chief operating officer at the National Cybersecurity Institute, which tracks data breach incidents. One might be tempted to think the NCI spends the lion’s share of its time on external data breaches, but insider threats have become a top concern. 

“Insider threats are something that most organizations don’t have a terribly high focus on today,” LeClair believes. “I think there is a lot to be done in that area. We, as Americans, are really a very trusting people. So it’s hard for a lot of organizations – especially smaller organizations – [to view employees as a primary threat].” 

 
