Archive

Archive for December, 2008

Predicting, Detecting, and Responding to Insider Attacks

By E. Eugene Schultz – ISSA member, Los Angeles, USA chapter

Insider attacks are one of the least understood and inadequately mitigated security-related
risks facing organizations today. This article identifies patterns and behaviors that will help security professionals defend against the malicious insider.

Insider attacks are one of the least understood and inadequately mitigated security-related risks facing organizations today. The fact that the term “insider” is in and of itself elusive only makes this issue and its many dimensions more difficult to truly understand. Although employees of an organization are unquestionably insiders, whether (or perhaps better said, the degree to which) the term “insider” applies to consultants, contractors, vendors, third-party business partners, and others is usually to at least some degree ambiguous. Many believe that anyone who is granted access to an organization’s computing resources and is, hence, given an account and password is an insider. If this definition is taken literally, however, users who are granted access to a subscription website are insiders, even if they have never worked for the organization that operates the website. Read more…

Categories: Uncategorized Tags: