Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why we can't stop malicious insiders

Taylor Armerding | June 18, 2013
Snowden case shows that organizations can limit, but not eliminate, the damage done by inside attacks

Technology and training can also help protect the organization from workers who are not malicious, but who fall victim to scams like phishing.

"You can do things like virtualizing browsers or mail accounts, so if they click on something, you can see that its not kosher," McGraw said. "But you need to understand that they are going to get phished."

Sweet said companies should, "hit their employees constantly with company-managed phishing attacks. This is a service you can pay trustworthy outside providers to do. It keeps the awareness level exceptionally high."

Schneier added that things like one-time passwords can help protect against employee vulnerabilities.

But nothing is foolproof.

"These are all tricks around the edges," Schneier said. There is no panacea. There will always be exceptions. You are never going to catch everything."

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.