23 October 2014

Simon Romp

Simon Romp - Rule Financial

A post relating to this item from Finextra:

Japanese Citi card customers hit by data theft

08 August 2011
Crooks have stolen and sold the personal information of over 90,000 Japanese Citi credit card holders.

Falling prey to the 'insider threat'

10 August 2011

This latest data security breach at Citi epitomises the many ways in which data can go astray. In a recently publicised case, data was stolen from Citi by external hackers. The culprits in this most recent Citi data loss are believed to be “insiders” who had privileged access to the bank’s systems. If any lesson is to be learnt from this incident, it is the need to have absolutely all bases covered, not just those that seem most at risk. A significant risk remains inside the perimeter, as this recent infringement clearly demonstrates, and the insider threat often combines with the external threat through collusion. Whilst most organisations have invested heavily in securing their systems from “external” threats, there has been proportionately less investment in monitoring insiders through user activity auditing and control systems.


This scenario also underlines the importance of user education: getting ‘insiders’ – whether they be employees, subcontractors or third party vendors – to treat company data with the utmost respect, and making it clear to users that controls are in place to identify the source of any data leakage. This is a critical element in any data loss prevention strategy. At the end of the day, no matter what systems and processes a company may implement, if an ‘insider’ wants to steal data, there is a residual risk that they will find a way of doing so. However, they will be disinclined to attempt data theft if they know that they are likely to be found out, either before the event (through automatic generation of alerts) or after the event (through forensic examination of user activity logs).


More generally, and in light of the many diverse threats, organisations need to ensure that they are constantly reviewing their policies, defences and controls. They need to perform regular risk assessments to identify where there is potential for data leakage from insiders and where additional protection therefore needs to be put in place. Crucially, this can enable firms to get to ‘know their insider’ and the risks they represent.

Tags: Security, Risk & regulation

Simon Romp, Specialist in Information Security, Rule Financial, London (member since 2011)
