Q

Creating a security awareness program

In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains how creating a security awareness program can help thwart the insider threat.

I am working on a security awareness and internal security program. Where can I find statistical information on insider threats, lost laptops, etc?
There are periodic surveys about these problems. The following three surveys are good sources to start with:

  • Insider Threat Statistics:
    http://www.schneier.com/blog/archives/2005/12/insider_threat.html

  • 'Insider Threat' Study Reveals That Trusted Employees Are Exposing Co-Workers' Personal Information:
    http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/08-22-2005/0004091867&EDATE

  • Beware of insider threats to your security:
    http://www.viack.com/_download/200408_cdm.pdf

    Each survey describes the persistent and pernicious insider problem of many employees inadvertently or purposely putting their organizations at risk. However, these surveys can be inconsistent, especially the ones that compare the number of external attacks to internal attacks (from employees, etc.). Some surveys show a huge number of external attacks, while others show a preponderance of the latter.

    When discussing this threat with management, emphasize the need to defend against both insiders and outsiders, and how to leverage some tools across both threats, while using other tools that focus predominantly on one or the other. If you put all of your defensive eggs in the outsider threat basket, your organization could be in serious peril. Thus, a blended approach is vital.

    More Information

  • Review five common insider threats and learn how to mitigate them.
  • Learn how to thwart insider threats.
  • This was first published in August 2006

    Dig deeper on Security Awareness Training and Internal Threats-Information

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close