Security Expert: Efforts to mitigate the insider threat, such as additional security controls and improved vetting of new employees.
Steve Durbin is Managing Director of the Information Security Forum (ISF). His main areas of focus include the emerging security threat landscape, cyber security, BYOD, the cloud, and social media across both the corporate and personal environments. Previously, he was Senior Vice President at Gartner.
"As data breaches increase, many will be the result of..."
Insider threats. In fact, the insider threat is unlikely to diminish in the coming years and will be a major threat to businesses. Efforts to mitigate this threat, such as additional security controls and improved vetting of new employees, will remain at odds with efficiency measures. More insiders with malicious intent will emerge as more people place their own ethics and perceptions above those of their employers.
The insider threat has certainly intensified as people have become increasingly mobile and hyper-connected. Nearly every worker has multiple, interconnected devices that can compromise information immediately and at scale: impact is no longer limited by the amount of paper someone can carry. Simultaneously, social norms are shifting, eroding loyalty between employers and employees.
At the ISF, we believe that there are three categories of insider behavior: Malicious, Negligent and Accidental.
Malicious behaviors require a motive to harm plus a conscious decision to act inappropriately. Examples include copying files before taking a job with a competitor, leaking confidential information, sabotaging networks, or using work privileges for personal benefit.
Source: 47 Security Experts weigh in the issue: https://digitalguardian.com/blog/insider-outsider-data-security-threats
More articles that maybe of interest: