Think Hackers Are IT's Biggest Threat? Guess Again
Iris Scans: Security Technology In Action
(click image for larger view) According to research by the Ponemon Institute, the actions of agency employees can be even riskier. More than one third of all data breaches are internal and unintentionally caused by employees, and federal agencies are not exempt. In fact, the public sector is one of the most targeted industries, second only to financial services.
"While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious," said Larry Ponemon, chairman of the research firm, in a recent interview. "Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today, up 22% since the first survey."
According to Privacy Rights Clearinghouse, government agencies have seen a steady increase in employee-caused data breaches over the last four years. Employee negligence has caused over 150 breaches since January 2009, resulting in the loss of more than 92.5 million data records.
[ Find out why malicious insider threats are getting harder to stop. Read Insider Threats Get More Difficult To Detect. ]
Unfortunately, public CIOs can't simply "plug the leak," but they can place a greater emphasis on the underlying cause of many data breaches: using insecure, un-managed methods to transfer sensitive data, such as:
-- Easily lost or stolen removable storage, particularly those housing unencrypted data (USBs, hard drives, disks, etc.)
-- Emails containing sensitive data sent to the wrong party
-- Third-party file-sharing and storage websites (Dropbox, Google Drive, etc.)
As occurrences increase in size and frequency, the cost per record lost is also rising. The Ponemon study reveals that the U.S. has one of the highest average costs per record ($136). The study also shows that third-party errors and lost or stolen devices have the most effect on the cost of a data breach.
1 of 2
Comment |
Print |
More Insights
Comments
Newest First | Oldest First | Threaded View
re: Think Hackers Are IT's Biggest Threat? Guess Again
James is on point, cybersecurity risks are often teh result of internal breaches. The best way to address this is to have Informed risk management for employees on security protocols and processes to provide basic security awareness/identify threats.
-+
-+
-+
-+
re: Think Hackers Are IT's Biggest Threat? Guess Again
While certainly a "culture of security" can help address the threat, poorly architected systems also pose a risk. I'm not saying cloud computing or Big Data or any other technology is to blame, but a lack of planning leads to a lack of security. Blaming employees is too easy.
re: Think Hackers Are IT's Biggest Threat? Guess Again
I agree that "Secure and manage data in motion" and "Tightening the security perimeter will always be a top priority for federal IT professionals", but I think that the perimeter is gone and that the most attractive target is data in large databases.
I think that the flow of sensitive data across different systems and databases should be protected. I recently read an interesting study from Aberdeen Group about security-related incidents. The study revealed that GǣOver the last 12 months, tokenization users had 50% fewer security-related incidents(e.g., unauthorized access, data loss or data exposure than tokenization non-usersGǥ. The name of the study is GǣTokenization Gets TractionGǥ.
I also think that security teams need to look at if data access patterns are normal for users that are accessing sensitive data. Tools can help to determine if the pattern is normal, is this what the typical employee does as part of their work, or is this behavior out of the ordinary.
Ulf Mattsson, CTO Protegrity
I think that the flow of sensitive data across different systems and databases should be protected. I recently read an interesting study from Aberdeen Group about security-related incidents. The study revealed that GǣOver the last 12 months, tokenization users had 50% fewer security-related incidents(e.g., unauthorized access, data loss or data exposure than tokenization non-usersGǥ. The name of the study is GǣTokenization Gets TractionGǥ.
I also think that security teams need to look at if data access patterns are normal for users that are accessing sensitive data. Tools can help to determine if the pattern is normal, is this what the typical employee does as part of their work, or is this behavior out of the ordinary.
Ulf Mattsson, CTO Protegrity
re: Think Hackers Are IT's Biggest Threat? Guess Again
This article has a government spin, but it's also very applicable to the private sector. Pay close heed to the practical advice on page two on curbing unintended data breaches unwittingly instigated by internal employees.
White Papers
Current Issue
Video
0 Comments
Slideshows
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3154
Published: 2014-04-17
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file conte...
CVE-2013-2143DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file conte...
Published: 2014-04-17
The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
CVE-2014-0036The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.
Published: 2014-04-17
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
CVE-2014-0054The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
Published: 2014-04-17
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External ...
CVE-2014-0071The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External ...
Published: 2014-04-17
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.
- Featured UBM Tech Sites
- InformationWeek |
- Network Computing |
- Dr. Dobbs |
- Dark Reading
- Our Markets:
- Business Technology |
- Electronics |
- Game & App Development
- Working With Us:
- Advertising Contacts |
- Event Calendar |
- Tech Marketing Solutions |
- Corporate Site |
- Contact Us / Feedback
Tweet This