Insider Security Threats Q&A
by Berislav Kucan - Wednesday, 12 October 2005.
Many current regulations now call for public notification of a data breach. And the stock market has reacted strongly to such notifications, which moves the risk of a data breach from a "local IT cleanup project", to something that will affect the overall value of the company.

This is no longer an IT issue, it's a business survival issue, as evidenced by the experience of CardSystems Solutions Inc who declared a data breach back in May of this year. After losing a number of its customers as a result of their lack of security, they are now in the process of being acquired by their rival CyberSource Corporation. For CardSystems Solutions Inc, this was literally a life and death issue.

All of which means a significant change in the traditional IT security strategies.

Up until now most IT security has been based on a "Moat and Castle" security strategy, or put simply; "Create a strong perimeter to separate the "trusted" environment (folks who belong to the organization), from the untrusted environment, (every one else), and secure against the untrusted environment."

The problem with this is that by definition insider attacks come from the inside... And so the security focus has to shift from the perimeter and beyond, to include securing inside the perimeter as well.

To do this, organizations start by identifying and establishing security policies specifically for inside the perimeter, including effective network segmentation that creates closed user groups, limiting what individuals are exposed or have access to.

Then you need to enhancing data security by protecting data-at-rest using authentication, and access control, as well as protecting data-in-motion with encryption - especially sensitive items like user names, passwords, and personal identity data.

All of which should be complemented by effective monitoring and reporting that covers the entire environment - especially those connection attempts that happen where they shouldn't.

This is not simple.

Most traditional security technologies were developed for the "Moat and Castle" strategy and as such, do not work very will inside the perimeter.

Help is on the way however. There is a new class of technology emerging that was designed specifically for this purpose, including those produced by Apani Networks, that can help simplify this onerous but necessary task.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th