Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

10/29/2013
04:20 PM
James Bindseil
James Bindseil
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Think Hackers Are IT's Biggest Threat? Guess Again

More than one third of all data security breaches at government agencies are caused accidentally by internal employees.

Iris Scans: Security Technology In Action
Iris Scans: Security Technology In Action
(click image for larger view)
Hacker groups such as LulzSec and Anonymous likely come to mind when discussing data breaches in the public sector. Both groups, along with other rogue hackers, have proven themselves more than capable of bypassing government security measures and gaining access to confidential data. But, surprisingly, they are not IT's biggest threat.

According to research by the Ponemon Institute, the actions of agency employees can be even riskier. More than one third of all data breaches are internal and unintentionally caused by employees, and federal agencies are not exempt. In fact, the public sector is one of the most targeted industries, second only to financial services.

"While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious," said Larry Ponemon, chairman of the research firm, in a recent interview. "Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today, up 22% since the first survey."

According to Privacy Rights Clearinghouse, government agencies have seen a steady increase in employee-caused data breaches over the last four years. Employee negligence has caused over 150 breaches since January 2009, resulting in the loss of more than 92.5 million data records.

[ Find out why malicious insider threats are getting harder to stop. Read Insider Threats Get More Difficult To Detect. ]

Unfortunately, public CIOs can't simply "plug the leak," but they can place a greater emphasis on the underlying cause of many data breaches: using insecure, un-managed methods to transfer sensitive data, such as:

-- Easily lost or stolen removable storage, particularly those housing unencrypted data (USBs, hard drives, disks, etc.)

-- Emails containing sensitive data sent to the wrong party

-- Third-party file-sharing and storage websites (Dropbox, Google Drive, etc.)

As occurrences increase in size and frequency, the cost per record lost is also rising. The Ponemon study reveals that the U.S. has one of the highest average costs per record ($136). The study also shows that third-party errors and lost or stolen devices have the most effect on the cost of a data breach.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Chuck Brooks
50%
50%
Chuck Brooks,
User Rank: Apprentice
11/8/2013 | 9:31:03 PM
re: Think Hackers Are IT's Biggest Threat? Guess Again
James is on point, cybersecurity risks are often teh result of internal breaches. The best way to address this is to have Informed risk management for employees on security protocols and processes to provide basic security awareness/identify threats.

-+
-+
pcalento011
50%
50%
pcalento011,
User Rank: Apprentice
10/31/2013 | 3:28:51 AM
re: Think Hackers Are IT's Biggest Threat? Guess Again
While certainly a "culture of security" can help address the threat, poorly architected systems also pose a risk. I'm not saying cloud computing or Big Data or any other technology is to blame, but a lack of planning leads to a lack of security. Blaming employees is too easy.
Ulf Mattsson
50%
50%
Ulf Mattsson,
User Rank: Moderator
10/30/2013 | 9:31:33 PM
re: Think Hackers Are IT's Biggest Threat? Guess Again
I agree that "Secure and manage data in motion" and "Tightening the security perimeter will always be a top priority for federal IT professionals", but I think that the perimeter is gone and that the most attractive target is data in large databases.

I think that the flow of sensitive data across different systems and databases should be protected. I recently read an interesting study from Aberdeen Group about security-related incidents. The study revealed that GǣOver the last 12 months, tokenization users had 50% fewer security-related incidents(e.g., unauthorized access, data loss or data exposure than tokenization non-usersGǥ. The name of the study is GǣTokenization Gets TractionGǥ.

I also think that security teams need to look at if data access patterns are normal for users that are accessing sensitive data. Tools can help to determine if the pattern is normal, is this what the typical employee does as part of their work, or is this behavior out of the ordinary.

Ulf Mattsson, CTO Protegrity
D. Henschen
50%
50%
D. Henschen,
User Rank: Apprentice
10/30/2013 | 6:38:01 PM
re: Think Hackers Are IT's Biggest Threat? Guess Again
This article has a government spin, but it's also very applicable to the private sector. Pay close heed to the practical advice on page two on curbing unintended data breaches unwittingly instigated by internal employees.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.