Coming to terms with the Insider Threat

Yesterday I attended a FASTtalk CEO round table on the “The Threat from Within”. It’s interesting how important this subject has become following the spate of high profile data breaches over the last year. The threat has always been there, in fact, but the level of risk has increased substantially.

Potential spies, fraudsters and information brokers are always lurking in our organisations. They just don’t show themselves. But decades of progressive centralization, mergers and outsourcing have now made huge amounts of valuable data available to ordinary staff and contractors. It’s like putting large amounts of cash in the hands of ordinary people. The potential for error and the temptation to steal is so enormous that visible breaches are inevitable.

But incidents and risks have been building for many years. We just haven’t noticed them because incidents haven’t been properly uncovered, recorded or publicised. Organisations lose hundreds of laptops a year. Large procurements attract fraud. And valuable trade secrets attract espionage. It’s a healthy sign that at last we’re beginning to recognise these unpalatable facts.


Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

David, You could also add the recent survey results that Cyber-ark released. They were gathered at Infosec this year. When asked "have you ever used your administrative privileges to access information that was NOT relevant to you role" over 30% of respondees said YES. When asked "If you left your company tomorrow which information would you take with you?" Over 85% of respondees mentioned significantly sensitive data such as HR Records or customer lists with only just over 10% saying NOTHING. We do need to understand the very large threat that our own employees demonstrate, and I would advise that we start with those that have technical knowledge (and privileged access) first.