vulnerabilities of an organization must be assessed, then prioritized, and only then can a plan be
implemented.
Defining and Understanding the Internal Vulnerability
“Vulnerabilities are flaws in assets or the absence of security controls that could lead to a
security breach when exploited by threats that increases the likelihood of risks to assets”. There
are numerous systems and software vulnerabilities; Symantec discovered 6,253 vulnerabilities
in 2010, approximately 17 each day.
I submit that the single most important vulnerability facing every organization is the “insider”, the
people within your organization, especially if they work in a technical role.
Steven Chabinsky, deputy assistant director of the Federal Bureau of Investigation (FBI) Cyber
Division, stated that, “The problem of the insider can’t be overlooked. The insider is a
phenomenal issue. We’ve got insiders that are purposely sent to companies to do
espionage ... and then you have well-meaning employees who simply by opening up an email
or doing something else can compromise network security”.
An insider is an employee, contractor, consultant, temporary worker, third-party business
partner, or anyone else who has internal access to an organization’s computing environment.
Insiders have physical and system access rights, detailed knowledge of the computing
environment, awareness of system weaknesses, and knowledge of their coworkers’ and superiors’
blind spots.
There are at least two types of insider vulnerability: those arising from non-technical staff and
those arising from technical staff.
Non-technical staff vulnerabilities are likely to expose the organization less, given these
workers’ restricted access to systems and limited knowledge of the technical infrastructure. These
workers, while still endangering the computing environment, pose less of a threat. It is the office
worker who has access to the financial database of customers, writes his login and
password on a sticky note, and then leaves it within eye range for an attacker to steal. It is the person
who is responsible for entering customer financial transactions into a database but leaves her
computer unattended and unsecured.
Technical staff vulnerabilities expose the organization significantly because of these workers’
system rights, their access to the computing environment, and their expert technical knowledge. For
example, system administrators have physical access and system privileges across
the computing environment (systems, databases, security software). They have the ability to
create, modify, delete, and assign privileges to user accounts, including those of their superiors and
senior managers.
While most employees are trustworthy and do their jobs effectively, it would be foolish for an
organization not to guard itself against the well-meaning insider who is careless and unaware, or
56 Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide