Keeping an I on IT...
December 2006
How to spot insider−attack risks in the IT department.
Nearly two−thirds of the 616 security pros surveyed this year by the Computer Security Institute say insiders account for some portion of the financial losses their organizations experience because of breaches. Insider attacks against IT infrastructure are among the security breaches most feared by both government and corporate security pros, says Eric Shaw, a psychologist and former CIA intelligence officer. The risks can be lessened first by doing background checks on potential IT employees −− something far more companies are doing this year, according to Carnegie Mellon University's CERT.
If an employee is terminated, it's crucial that all system access be revoked immediately. About half of all insider attacks take place between the time an IT employee is dismissed and his or her user privileges are taken away. When it comes to current employees, IT managers must do something they might not have a taste for: Keep an eye out for insubordination, anger over perceived mistreatment, or resistance to sharing responsibility or training colleagues −− all warning signs someone may be capable of system sabotage or data theft. IT managers must be watchful any time someone with access to sensitive systems has a falling out with his or her bosses.
Source:http://www.techweb.com/news/showArticle.jhtmlarticleID=196602853
How to spot insider−attack risks in the IT department.
Nearly two−thirds of the 616 security pros surveyed this year by the Computer Security Institute say insiders account for some portion of the financial losses their organizations experience because of breaches. Insider attacks against IT infrastructure are among the security breaches most feared by both government and corporate security pros, says Eric Shaw, a psychologist and former CIA intelligence officer. The risks can be lessened first by doing background checks on potential IT employees −− something far more companies are doing this year, according to Carnegie Mellon University's CERT.
If an employee is terminated, it's crucial that all system access be revoked immediately. About half of all insider attacks take place between the time an IT employee is dismissed and his or her user privileges are taken away. When it comes to current employees, IT managers must do something they might not have a taste for: Keep an eye out for insubordination, anger over perceived mistreatment, or resistance to sharing responsibility or training colleagues −− all warning signs someone may be capable of system sabotage or data theft. IT managers must be watchful any time someone with access to sensitive systems has a falling out with his or her bosses.
Source:http://www.techweb.com/news/showArticle.jhtmlarticleID=196602853
posted by arkietechs at 6:37 AM
0 Comments:
Post a Comment
<< Home