HomeBlogCybersecurity, The Blind Side, The Insider Threat

Cybersecurity, The Blind Side, The Insider Threat

Cybersecurity, The Blind Side, The Insider Threat

Perhaps you remember the football movie, The Blind Side, with Sandra Bullock about an impoverished young boy who was adopted and eventually became a NFL football player. The blind side is also a football term which loosely means “something that approaches from the side you cannot see.” Usually the side of the quarterback away from where he is looking. Do we have a “blind side” in cybersecurity too? Perhaps.

As cybersec pro’s we don’t know where the next vulnerability will come from. The HVAC contractor (the source of Target’s huge breach), the CEO’s spouse’s unsecured cell phone, a package in your mailroom with a hacker tool trying to break into your Wi-Fi network, a USB drive found by an employee in the parking lot, the Internet connected TV in your lobby, etc. The way into an organization is unlimited. The bad guys are constantly thinking of vulnerabilities. Sometimes the threats are already inside.

I have been engaged in insider threats since I was at AOL ten years ago and a contractor stole PII. Recently I joined Insider Spyder, a company with patented technology which has been optimized over a dozen years to find insider threats in the most sensitive Federal agencies. When I talk to large companies most have an insider threat program. Most of these programs are not mature but they understand that the insider threat is one of the most expensive cybercrimes. [1]Part of the high cost is that is takes over two months to resolve an insider threat incident. The other part is that insiders know what the crown jewels are and how to find them.

So where’s the blind side? It’s the small and medium-sized companies that aren’t facing the reality that insider threat is not a big company problem. Insiders steal because they are unhappy, they are moving to another company, they have financial problems, etc. Any company that has employees should be concerned. Most companies do not have the ability to detect insider threats…so if you do not have the ability to detect a problem, how do you know it’s not happening? Cybersecurity pro’s cannot be blindsided by insider threat or any threat.

 

[1] Ponemon October 2014 Cost of Cybercrime Report