Non-malicious insiders: The biggest insider threat of all?

Non-malicious insiders: The biggest insider threat of all?

Date: Jul 29, 2014

There's little question that malicious insiders pose a clear and present threat to enterprise information security, but according to one of the industry's top experts on insider threats, non-malicious insiders can be equally dangerous.

Randy Trzeciak, director of the Software Engineering Institute's CERT Program at Carnegie Mellon University, said his team has conducted extensive research looking for patterns of behavior from non-malicious insiders that may cause harm to an organization.

In this video interview, recorded at the 2014 RSA Conference, Trzeciak discusses the five common patterns of insiders who harm organizations even though they lack malicious intent.

Intentionally malicious insiders are a significant risk as well, and Trzeciak discusses SEU CERT's federally funded research and development center's efforts to identify both technical and non-technical patterns of behavior to give enterprises insight into how insider threats evolve over time and what organizations can do to detect and respond to them.

Surprisingly, Trzeciak said software developers often rank among the most dangerous insiders.

"We have a number of cases that we've analyzed where malicious coders or developers have introduced vulnerabilities that were used to harm the organization," Trzeciak said, "either before or after they left the organization."

Finally Trzeciak discusses whether enterprises should implement industry-specific insider threat detection controls, and the emerging category of tools to identify suspicious insider activity.

More information:

Expert Kevin Beaver reveals five common insider threats and how to mitigate them.

In this Security School lesson, Dawn Cappelli offers practical strategies to mitigate insider threats.

More on Security Awareness Training and Internal Threats-Information

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: