PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2003

Ten ways to prevent insider security threats

The unmasking of insider Robert Philip Hanssen as a Russian spy taught the FBI a harsh lesson that most organizations have yet to learn: There's great danger from those we trust the most. We've gotten pretty good at protecting our perimeters, but most of us do a less-than-adequate job protecting our enterprises from employees (current and former), business partners, contractors, interns and even customers. While most of our attention is focused on Internet-based attacks, insiders cause the vast majority of security incidents and can do the most damage. It makes sense: They have intimate knowledge of our network layouts, applications, staff and business practices. Institutional laxity invites insider problems. In a revealing report in August, the Department of Justice's Office of the Inspector General cites not Hanssen's brilliance as a spy, but rather the bureau's failure to implement and enforce strong insider security procedures as a prime reason for the his success over 20 years. The FBI isn't unique on this score. Insiders ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue