IT Security: Insider threats not taken seriously by most US companies
I have found as an auditor at the Fortune 500 level that most companies do not understand the seriousness of insider threats, do not have properly documented policies and guidelines to deal with them, and in most instances do not have trained staff to address breaches when they occur. The focus is on hardware and software to protect the perimeters and detect intrusions, but these are techno solutions that leave out the legal, human and procedural issues. For example, how can employees be reprimanded or fired if there are no written and properly authorized policies dealing with the behaviors to be controlled?
Here is a great paper from cert.org on detecting and preventing insider threats. Everyone involved in IT Security, IT Audit and Risk Management should read it.
The photo above, of an employee who clearly did not look dangerous, turned out to be of Carlos Manuel Pico de Pan y Gonzales Jimenez, better known in Black Hat circles as “The Irish Potato,” who stole 7,000,000 credit card records from his company last week. The manager of security for the company was unfortunately focused on monitoring the mail room boy, the one with the nervous twitch and funny accent.