A new perspective on the insider threat
When talking about the insider threat, the first that comes to mind to many (if not all) information security professionals is the threat posed by rogue insiders that knowingly help attackers gain access to internal systems or deliver information from it.
But there is another type of “insider” – the regular employee that falls for social engineering attacks and unwittingly becomes an accomplice to the attackers.
Since hackers have realized in the last couple of years that it is practically always easier to start with this type of approach, the expression “insider threat” may soon become a synonym for “uneducated employee”.
In this podcast recorded at RSA Conference Europe 2011, Brian Honan, Principal Consultant at BH Consulting and founder and head of the Irish CERT, talks about the need for IT departments and employees to start working together and to realize that they are on the same side.
The former should think about ways to educate the general employee population about the dangers lurking behind unsolicited emails, messages and phone calls and about making themselves more available to answer questions and share their expertise, while the latter should not be afraid to admit they have made a mistake as soon as they made it and inform the IT department of it, so that it could react quickly to stem possible attacks.