Insider Threat Management

Home Forums Miscellaneous Insider Threat Management

This topic contains 0 replies, has 1 voice, and was last updated by  Henry Brown 5 years, 5 months ago.

  • Author
  • #179450

    Henry Brown

    IMO the blogs from Vormetric come pretty close to hitting the nail straight on!….

    We (security analysts/specialist) will need to be very careful in not throwing the baby out with the bath water

    Paul Ayer’s blog on

    Access is King: A Lesson in Insider Threats

    For better or for worse the recent Edward Snowden debacle has provided the international community with a long overdue wake-up call that those already safely within the company walls pose a significant risk to the security, and thus whole health, of the business.

    In Wayne’s last blog, he rightly pointed out “praising or demonizing Edward Snowden misses the central issue. Instead, the issue we should be discussing is one of access rights and distribution. Data only has value when accessible, so it should only be consumable by those who truly have a ‘need to know’.”

    As the corporate and government focus shifts back to looking at the trustworthiness of employees and contractors, specifically those insiders with ‘privileged user’ access rights, the question emerges: how do you continue to provision a high level of security without getting in the way of people doing their jobs?

    As a first step, organizations of all sizes should determine who their privileged users are and what information they have access to. Not all insiders are a direct threat out to steal your prized resources. To the contrary, different insiders present a different level of risk and should therefore be assigned a different threat level.

You must be logged in to reply to this topic.