I feel the IT threat that is most difficult to defend against is the insider threat. Mandatory education and strict policies are no match against someone who wants to do harm to an organization. Rogue networks and brute force attacks are met with countermeasures that are implemented by a company's IT department. If that person were say, an administrator, who wanted to cause as much damage as possible before being terminated, there is really nothing to stop the act itself. The consequences such as lawsuits and jail time, are real enough but the damage is already done.
I think the best defense in this case would be to ensure vital tasks require a two-person policy. The next best defense would be to rotate personnel through different departments. Mandatory vacations are also a good idea because if an incident occurred, timeframes are easier to nail down as well as other details.
Criminal and financial background checks are important in this area too. Knowing your people is essential to placing them in the right positions with the correct responsibilities. Some felony activity and bankruptcy should not preclude someone from obtaining employment. The problem comes in when such history is concealed.
Having people with integrity and a good sense of ethics is important to any organization. These traits, along with education and policy, in my opinion make the best defense against the insider threat. In addition, having the proper software and hardware also helps but not without the human element to tell it what to do.
I think the best defense in this case would be to ensure vital tasks require a two-person policy. The next best defense would be to rotate personnel through different departments. Mandatory vacations are also a good idea because if an incident occurred, timeframes are easier to nail down as well as other details.
Criminal and financial background checks are important in this area too. Knowing your people is essential to placing them in the right positions with the correct responsibilities. Some felony activity and bankruptcy should not preclude someone from obtaining employment. The problem comes in when such history is concealed.
Having people with integrity and a good sense of ethics is important to any organization. These traits, along with education and policy, in my opinion make the best defense against the insider threat. In addition, having the proper software and hardware also helps but not without the human element to tell it what to do.
Comments
Post a Comment