My professional life has been full of clients devastated by trusted, internal attackers. In every case, the damage done amounted to hundreds of thousands of dollars. In one case, the victimized company incurred costs exceeding $1 million in recovery efforts. Everyone involved is bound by a nondisclosure agreement, so none of these cases has made the news, even though the service outages have been significant and widespread. Despite multiple efforts over the last two decades, there is still no cost-effective way to stop a trusted insider from doing tremendous damage when they feel so motivated. The best you can hope for is early detection to limit the damage. Many of the preventive efforts I've been involved in have focused on tightening access controls and improving logging and alerting.
A sweet solution to the insider threat
- Category: Other
- Hits: 2240