If you like suspense and horror movies, you know how often
the plot hinges on one of the characters realizing that the threatening call is
coming from inside the house. Similarly, your IT security might depend on
recognizing that a threat is coming from inside your organization.
Employees who are disgruntled or just plain careless can do
enormous amounts of damage to your finances, intellectual property, and/or
business operations. A recent
survey by SANS Institute shows that companies are increasingly aware of
these internal threats, but that they're still not prepared to detect and
deflect them. As author and SANS Institute fellow Dr. Eric Cole writes, "Insiders
have access to critical information, understand how the organization is
structured, and can bypass security more easily than outsiders. They can
therefore be in the best position to cause harm to an organization. Many
organizations are still not creating and implementing insider threat programs
and need to aggressively increase their focus to better protect the
organization."
The survey suggests that two-thirds of organizations either
don't have a plan for responding to IT security events in place at all or don't
have one that can account for insider threats. Don't be in that high-risk
group. Contact Xantrion for help developing an IT security event response plan
that covers all your potential threats, internal as well as external.
No comments:
Post a Comment