March 11, 2008
Watch Out for These 5 Insider Security Threats
The US Computer Emergency Response Team (Cert) recently estimated that 40 percent of all security breaches happen from the inside, while another study estimated that 90 percent of computer crimes are committed by employees of the company. And if that person is NOT you (it's not you, right?), then here's what to look for and look out for (taken from ZDNet).
1) Insider Cyberattacks -- Cert research found that most cyberattacks are undertaken by system administrators or other ITers with privileged access. So, as the saying goes with waiters, where you should never anger anyone who comes into contact with your food, I think it's best not to go out of your way to anger anyone who controls the company network. Of course, folks in IT have been known to abuse their privileges without provocation, so it's good that today there are plenty of Network Access Control tools that can keep an eye on them as well as cancel all their access the very second their employment ends.
2) Social Engineering -- Like they say, there's a sucker born every minute, and very likely, they're working in the cubicle right next to you (or, God forbid, occupying the corner office). You know who I'm talking about: the sort of folk who absolutely refuse to open the email that promises them more money than Bill Gates until they've seen it for the fiftieth time.
To beat this, employee education is key: even if they get an email from their best friend forever asking for all of their banking information along with their key code, they should know it'd be a good idea to pick up a phone and call that best friend to tell them they never discuss their security passwords or bank info with anyone.
3) The Malicious Download -- Yes, the internet can be a great seductress, and when the average employee generally surfs the web for an hour a day on company time, the opportunities to slip up are near infinite. With viruses increasing by 50 percent each year, the best advice is to patch early and patch often, and that includes patching your human resources after firing those employees who simply refuse to stop surfing those risky web waters.
My blogging time is up, so the final two I'll include tomorrow, and if you do feel quite concerned about all the upcoming threats that you know and don't know about on the internet, make sure to tune into ebizQ's Threatscape 2008.
Posted by pschooff


Twenty-Four Seven Security