The Latest in IT Security

A reality check for security leaders on insider risk



In smaller organizations—maybe less than 100 people or so—it’s quite common to hear “we know our people, we can trust them.” I like to ask the folks who are invested in trust as a security strategy a question:  “Are all of your personnel files stored in a cardboard box in an unlocked room with a note on it that says “please only look at your own file?” If not, then why not?  If you can trust your people, why would you bother to secure anything?

In larger organizations, there tends to be more specialized roles, so the folks charged with security are more apt to accept that the insider threat is real. Their challenge is convincing the executive suite to spend time and money on a problem that doesn’t always show as a problem because they aren’t specifically looking for it. It’s a chicken and egg thing—if you aren’t looking for insider threats, of course you don’t see them.

Read More

Leave a reply


FRIDAY, MARCH 05, 2021

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments