Home

Surveys Say: Be Concerned About Internal Threats

Submitted by Vu M. Nguyen on Tue, 03/10/2009 - 13:42
Published in
"In a soon-to-be-published survey of more than 400 IT and security professionals conducted by Dark Reading and sister publication InformationWeek, 52 percent of respondents said they are more concerned about the possibility of internal data leaks -- both accidental and malicious -- than they are about external threats."
Source: Dark Reading
"The Deloitte survey "Protecting What Matters: The Sixth Annual Global Security Survey" released today shows that only 36% of the respondents, who collectively hail from North America, Asia, Europe and Latin America, expressed confidence that their organizations are prepared to prevent or block cyber-attacks from internal threats. In contrast, 66% were confident they could block external attacks."
Source: Network World

No surprise here, internal breaches from disgruntled employees and human stupidity are worrisome for security professionals around the world. There's so many attack vectors to consider when an individual has physical and virtual access to systems sitting in your company's LAN.

Become an Infosec Nazi, if you aren't already (for your peace of mind):

  • Time to lock Administrative permissions down to core staffers (no installation privileges for end-users).
  • Block Facebook, Myspace, and other social networking sites on the router.
  • No USB drives/CDR/DVDR allowed on premises.
  • Configure all systems to not use bluetooth and USB.
  • Encrypt your vital data using Truecrypt or PGP.
  • Ensure copies of encrypted vital data are in offline systems.
  • Probe with Nessus/BackTrack for systems running unwanted services and unusual open ports on a regular basis

© 2008-2010 Red Audit LLC.
Page generated in: 0.000165 seconds.