Internal Espionage, Still a Threat
Posted by Todd Chambers - CMO on Mon, Jun 08, 2009
The revelation that a highly placed State Department official and his wife have been spying for Cuba for almost 30 years should be another reminder that internal ‘espionage' is every bit as dangerous as external hacking, and can be even more costly. For much of the past 30 years, technologies didn't exist that would allow IT managers to detect suspicious access patterns. That's not the case anymore.
Today, an advanced Access Assurance strategy with a combination of detective and preventative controls (DLP, SIEM, provisioning...) gives the security team insight not only into who has access to which resources, but what they are doing with that access, and whether that action logically corresponds with the user's job requirements.
As the White House further develops its new cybersecurity plan, it will be important to include guidelines that direct the implementation of a consistent Access Assurance strategy across agencies. While external hacks certainly pose a risk, protecting sensitive data from insider threats should be just as high of a priority.