[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Biggest insider threat? Sys admin gone rogue
From: InfoSec News <alerts () infosecnews ! org>
Date: 2010-09-30 7:05:13
Message-ID: Pine.LNX.4.61.1009300205050.6164 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.networkworld.com/news/2010/092710-insider-threats.html
By Ellen Messmer
Network World
September 27, 2010
What's one of the biggest insider threats to the corporate network? The
high-tech folks that put it together, make changes to it, and know more
about what's on it and how it works than anybody else.
When the database, network or systems administrator goes rogue --
stealing data, setting up secret access for themselves, even in anger
planting logic bombs to destroy data , or just peeking at sensitive
information they know is off limits -- they become the very insider
threat that the IT department is supposed to be guarding against.
Indeed, IT workers with privileged access to the network are often
considered a greater risk and potential danger than other types of
employees.
"They're different because there's a high risk associated with the
potential damage they can do," says Donna Durkin, chief information
security and privacy officer for Computershare, a global financial
services company.
Mike Theis, executive director of insider threat technology for
Raytheon, agrees that sys admins and others with privileged-user access
are a bigger potential threat than other types of organizational
employees. He says his decades-long experience as an investigator in the
federal government and commercial sector has shown him that half of
detected anomalies -- lapses in accepted protocol -- come from such
insiders.
[...]
_______________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic