19 February 2018
Simon Romp

Simon Romp

Simon Romp - GFT

8Posts 31,543Views 3Comments

Another one slips through the DLP net...

23 January 2012  |  3398 views  |  0

New York Fed contractor charged with stealing Treasury code – this story is yet another example of how organisations are failing to address the risk that ‘trusted insiders’ – in this case a contractor – can pose. In an age of terrorist hactivists, many organisations are rightly focusing their data security efforts on securing their systems from ‘external’ threats and the interception of data from outside their defence perimeter. However, increasingly data is - quite literally - walking out of the front door, with little resistance.

Tackling the insider threat can be a tricky task since it involves an organisation’s own staff. The majority of employees and subcontractors are of course trustworthy and so a total IT lockdown or a stop and search policy as they leave the building is neither practical nor appropriate. Besides, no matter what systems and processes a company has in place, if an ‘insider’ wants to steal data, there is a residual risk that they will find a way of doing so. Especially, considering we now live in a world of Cloud storage, Smartphones and high capacity USB sticks!

What is so common, as with this New York Fed example, is that the culprit had privileged access to the information as part of their role within the company and they abused that trust. What this highlights is that there are not enough deterrents to stop them from taking this risk. Any ‘insider’ considering data theft will be disinclined if they know that they are likely to be found out; either during the event (through real-time alert generation) or after the event (through forensic examination of user activity logs).

Empowering users with information, trust and an understanding of what data loss prevention and user activity monitoring tools are in place will make them understand that if they steal data they will be caught. More importantly, you need to educate staff that they have an important part to play in protecting the organisation from the threat of data loss. Following this approach will help staff understand that they need to treat company and client information with the same respect they have for their own.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Simon

The real threats to digital security

03 April 2013  |  2293 views  |  0 comments | recomends Recommends 0 TagsSecuritySecurity

Another one slips through the DLP net...

23 January 2012  |  3398 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

The need for data theft deterrents

28 November 2011  |  3556 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Falling prey to the 'insider threat'

10 August 2011  |  5021 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Staff education essential to prevent data loss

07 July 2011  |  4496 views  |  0 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Simon's profile

job title Specialist in Information Security
location London
member since 2011
Summary profile See full profile »
A motivated and professional consultant with a history of successful project management and delivery for many high-profile Tier 1 clients.

Simon's expertise

Member since 2011
8 posts3 comments
What Simon reads
Simon writes about
SecurityRisk & regulation
Simon's blog archive
2013 (1)2012 (1)2011 (6)

Who's commenting on Simon's posts