Page 11 - index
P. 11
It Takes More Than Technology
It is also important to recognize that technology alone cannot prevent insider threats. It has
to be a cross-organizational effort that also involves HR, Management and Legal. For
example, if HR alerts IT about a disgruntled employee, their network activity can be
monitored so that anomalous behaviors such as logging on at unusual hours of the day can
be swiftly investigated. And without the involvement of other groups within the company,
malicious behaviors discovered by IT cannot be properly addressed.
In a recent survey conducted by The Ponemon Institute, 54 percent of respondents said that
they did not have a multi-disciplinary insider threat program in their organization. An
additional 17 percent of respondents said that they did have a defined insider threat
program, but that the participants were limited to just the IT department. While it has begun
to garner some attention recently, the insider threat definitely requires more of a focus
moving forward.
In order to be truly effective, insider threat management programs need to involve a broad
understanding of the various types of attackers and motivations attached to insider threats,
as well as include the right mix of tools and individuals necessary to effectively detect and
thwart attack attempts.
About the author
Tom Cross is Director of Security Research at Lancope. He has over a
decade of experience as a security researcher and thought leader. He is
credited with discovering a number of critical security vulnerabilities in
enterprise-class software, and frequently speaks on security issues at
conferences around the world.
11 Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
