Security: Insider Security Threats: 10 Tactics to Stop These Data Breaches
The full version of 2012 Verizon Data Breach Investigation Report is being released soon. However, the report's preliminary findings show that a vast majority of data breaches in 2011 were the result of outsiders trying to break in for malicious purposes. With those kinds of numbers, it is very easy to forget that insider attacks are often as equally devastating as, if not more devastating than, external threats. Insider attacks are very common and can happen to anyone, Dawn Cappelli, technical manager from Carnegie Mellon University's CERT Insider Threat Center, told attendees at the 2012 RSA Conference in San Francisco. The threats generally fall into one of the three major categories: insider IT sabotage, theft of intellectual property or fraud. In a recent survey, CERT found that nearly half of all organizations surveyed reported having suffered from malicious insider attacks. "If you experience one, you are not alone. Just learn from it," said Cappelli. Here, eWEEK takes a look at a list from CERT Insider Threat Center that outlines the steps organizations should take to boost their defenses against insider threats.
Learn From Past Incidents
Insider attacks are common enough that there will be repeat incidents. Take precautions so that the latest incident can't be repeated again. IT can write an automated script that can monitor and detect if someone else gets recruited to run the scam again. The company can invest in technology to flag users sending source code through email to an external account or copying data onto a USB drive.