21 September 2017
Simon Romp

Simon Romp

Simon Romp - GFT

8Posts 30,907Views 3Comments
A post relating to this item from Finextra:

Japanese Citi card customers hit by data theft

08 August 2011  |  7377 views  |  0
Crooks have stolen and sold the personal information of over 90,000 Japanese Citi credit card holders.

Falling prey to the 'insider threat'

10 August 2011  |  4929 views  |  0

This latest data security breach at Citi epitomises the many ways in which data can go astray. In a recently publicised case, data was stolen from Citi by external hackers. The culprits in this most recent Citi data loss are believed to be “insiders” who had privileged access to the bank’s systems.  If any lesson is to be learnt from this incident, it is the need to have absolutely all bases covered; not just those that seem most at risk. In this context there remains a significant risk from inside the perimeter, as this recent infringement clearly demonstrates, and the insider threat often combines with the external threat through collusion. Whilst most organisations have invested heavily in securing their systems from “external” threats, there has been proportionately less investment in monitoring insiders through user activity auditing and control systems.

This scenario also underlines the importance of user education and getting ‘insiders’ – whether they be employees, subcontractors or third party vendors – to treat company data with the upmost respect and to make it clear to users that controls are in place to identify the source of any data leakage. This is a critical element in any data loss prevention strategy. At the end of the day, no matter what systems and processes a company may implement, if an ‘insider’ wants to steal data, there is a residual risk that they will find a way of doing so. However, they will be disinclined to attempt data theft if they know that they are likely to be found out; either before the event (through automatic generation of alerts) or after the event (through forensic examination of user activity logs).

More generally, and in light of the many diverse threats, organisations need to ensure that they are constantly reviewing their policies, defences and controls. They need to perform regular risk assessments to identify where there is potential for data leakage from insiders and where additional protection therefore needs to be put in place. Crucially, this can enable firms to get to ‘know their insider’ and the risks they represent.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Simon

The real threats to digital security

03 April 2013  |  2176 views  |  0 comments | recomends Recommends 0 TagsSecuritySecurity

Another one slips through the DLP net...

23 January 2012  |  3346 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

The need for data theft deterrents

28 November 2011  |  3476 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Falling prey to the 'insider threat'

10 August 2011  |  4929 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Staff education essential to prevent data loss

07 July 2011  |  4417 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Simon's profile

job title Specialist in Information Security
location London
member since 2011
Summary profile See full profile »
A motivated and professional consultant with a history of successful project management and delivery for many high-profile Tier 1 clients.

Simon's expertise

Member since 2011
8 posts3 comments
What Simon reads
Simon writes about
SecurityRisk & regulation
Simon's blog archive
2013 (1)2012 (1)2011 (6)

Who's commenting on Simon's posts