Danger on the inside

Rosalyn Harris  July 31 2008 03:03:00 AM

How to save your company tens of millions of dollars

If there’s one thing you can do to help your organization save money, it’s to convince them to take the risk of insider threats seriously. In their technical report The “Big Picture” of Insider IT Sabotage Across U.S. Critical Infrastructures, CERT examines why companies fall prey to insider plots.

It should come as no surprise that the key to minimizing the threat of insider plots is prevention. An organization needs to take the proper steps to ensure that they have the right balance between technology and recognizing the characteristics of an employee who could pose a potential threat.

From a technology stand-point, an organization needs to be able to log, monitor and audit employee online actions. This allows an organization to identify and investigate any suspicious insider activity before it’s too late. With a tool like SecurTrac in place, an organization can log and monitor all events and user activities that occur in their Domino environment, and our Intrusion Detection monitor is deigned to monitor for malicious events.

According to The “Big Picture” organizations who have been victims of insider IT sabotage have suffered losses ranging from a low of five hundred dollars to a high of “tens of millions of dollars.” They also write that 75% of the organizations experienced some impact on their business operations, and that 28% of the organizations experienced a negative impact to their reputations.

From an employee stand-point, it can be slightly more complex. To being with, how can you identify employee who might be a potential threat? According to the research, most insiders who committed an act of IT sabotage exhibit certain personality traits that are linked to malicious behaviours. For example, they may exhibit any of the following:
*Serious mental health disorders, such as alcohol and drug addiction, panic attacks, physical spouse abuse, and seizure disorders
*Social skills and decision-making bias such as bullying and intimidation of coworkers, serious personality conflicts, unprofessional behaviour, personal hygiene problems
*An inability to conform to rules or a history of rule violations such as arrests, hacking, security violations, harassment complaints and misuse of travel, time and expenses.

If you’re interested in reading more about insider threats, you might want to check out the following articles:
Log management as a tool against insider threats
Taking the Offensive with Insider Threats – How Financial Institutions Can Improve Risk Management
13 best practices for preventing and detecting insider threats

• Comments [0]