Author : Brian Contos, Dave Kleiman
Description:Today's headlines are littered with news of identity thieves, organized cyber criminals, corporate espionage, nation-state threats and even terrorists. They represent the next wave of security threats but still possess nowhere near the devastating potential of the most insidious threat: the insider. This is not the bored 16 year-old hacker. We are talking about insiders like you and I, who are trusted employees with access to information - consultants, contractors, partners, visitors, vendors, and cleaning crews. Anybody within an organization's building or networks that possesses some level of trust. Some insiders are malicious to begin with, joining organizations with surreptitious motives from the onset. These malicious insiders may work for competitors, organized crime groups, activists, terrorist organizations or even foreign governments. However, most insiders do not start with malicious intent, but become disgruntled or are motivated by financial gain. Other contributing factors can be fear, excitement, politics or even general malice. Others simply make mistakes, having no malicious motive, but their actions nonetheless have serious consequences. The larger an organization gets, the more likely it is to be concerned with insider threats. In a 2005 IDC study, it was discovered that about 40% of large organizations felt that the greatest security risks stem from internal threats as opposed to external attacks. Around 30% of respondents felt that the threats were about equal. Because of these threats, not taking steps to address insiders can ultimately yield regulatory fines, legal fees, litigation penalties associated with class actions, public relations fees, a decrease in shareholder faith, expenses related to placating customers and ultimately lost revenue. There is no security panacea. There is no piece of software that one can install, no box that can be plugged in, no policy that can be written, and no guru who can be hired to make an organization 100% secure. Insider threats are the hardest threats to prevent, most difficult to detect, and most politically-charged to mange. Security is a process that requires vigilance and awareness. It is a merger of people, processes, and technology. Finding the best combination of these variables to mitigate risk helps achieve a strong security posture. With vivid real-life cases, this book addresses the most difficult to manage and costly of all security threats: the insider.