Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

US Government Hunts Down Disgruntled Employee Threats

Imperva : 10 January, 2011  (Technical Article)
Imperva comments on reports of increased US government activity on combating insider threats in the wake of the recent Wikileaks scandal
Noa Bar-Yosef, Senior Security Strategist at Imperva comments on a BBC report that the White House is telling US agencies to create ‘insider threat’ programs to ferret out disgruntled workers who may leak state secrets.

 

“Overall, this is an excellent memo and anyone in security should read it carefully.  The memo asks good questions to help government agencies—or even private companies—assess the threat of a possible insider.  This is all Wikileaks fallout.  (Ironically, great article on Julian Assange complaining about a Wikileaks employee leaking information to Guardian in the UK.  A leak at Wikileaks?).

 

However, to help identify insider threats, there are two elements:  awareness and automation.  This memo largely focuses on raising awareness to help spot insiders.  That’s a very good thing. 

 

But awareness is only part of the solution.  Being aware only part time isn’t good enough.  Security doesn’t sleep.  For that matter, the government needs to assume that insiders don’t sleep either.  What the memo fails to recommend and force readers to consider is automation.  Private Manning downloaded thousands of documents without anyone’s knowledge.  An automated scanning capability (i.e 24/7 monitoring) would have caught this peculiar behavior. Overall, automated scanning (and monitoring) should help identify not only excessive downloads but also access to data and documents that simply aren’t supposed to see.  If government employees know they’re being monitored, they’ll behave differently just like drivers slow down when they know the highway patrol is in the next lane.”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo