Security Expert: Contractors or consultants. If they have signed confidentiality agreements and are given access to data, what if they ultimately keep data they needed access to in order to complete their tasks and use it improperly?
Andy Feit is Head of the Threat Prevention Product Line for Check Point with overall responsibility for strategy, positioning, and go-to-market activities. Before joining Check Point, he was a co-founder and CEO of Enlocked, an email security company focused on small- to mid-size businesses. He has also held several executive positions at information management software companies including MarkLogic, Verity, Quiver, Inktomi, and Infoseek, as well as serving as director and principal analyst for market research firm Gartner.
"If we look at recent large-scale breaches, the majority of those involved an attack from..."
External sources. That said, insider threats are responsible for many breaches and the reality is that it is not always as clear as inside vs. outside. For example, if an external organization was looking to gain access to data and bribed a system admin or DBA to provide a password or access to a system, but then the attack was executed by external hackers, how would you attribute this?
Other grey areas exist. For example, contractors or consultants. If they have signed confidentiality agreements and are given access to data, what if they ultimately keep data they needed access to in order to complete their tasks and use it improperly? Was this an insider or external attack?
In general, as both network and endpoint security continue to improve, the use of these hybrid techniques is likely to increase. It is important for organizations to ensure they have proper controls, audit, and protection in place to be able to detect and trace insider threats.
Source: 47 Security Experts weigh in the issue: https://digitalguardian.com/blog/insider-outsider-data-security-threats
More articles that maybe of interest: