We might imagine
that the most common internal attackers are the IT staff as they have full and
unrestricted access to all of our systems. As Microsoft wisely said in
their 10 Immutable Laws of Security, a computer is only as secure as the
administrator is trustworthy.
But system
administrators aren’t the only insiders with means, motive and opportunity.
The Verizon 2012
Data Breach Investigations Report looked at the type of role held by internal
attackers. The results are eye opening. While 6% of breaches were
due to system administrators, 12% were by regular employees, 15% by managers
and even 3% by executive management!
The truth is that
trust must be earned, never expected. All insiders have means and
opportunity, all they need is motive.
To lower the
risk, wise businesses perform background checks for new employees moving into
sensitive positions, apply appropriate segregation of duties to lower the
potential for attack, and then implement good detective controls to catch it if
and when it happens.
If you trust but
verify, then this myth is plausible.
Phil Kernick Chief Technology Officer
@philkernick www.cqr.com
Phil Kernick Chief Technology Officer
@philkernick www.cqr.com
