Dark Reading has a thought-provoking post up about the popular buzzphrase “insider threat”, and, to the point, how it really doesn’t make sense as a term. The post advocates for a more fine-grained approach:
- rogue employees – This is the darkest prospect, and the one entrepreneurs fear the most, yet it actually happens the least.
- security loss through incompetence – now we’re talking!
- just plain leaks – for instance, trusting a third party whose incompetence then exposed you to risk.
- outside attacker penetrating inside – really, every outside threat aims to become an inside threat.
Experience has proved, time and again, that under-trained or careless employees are the greatest threat vector. For every “Hollywood hacker” trying to get into your site, there are a hundred receptionists setting their password to “1234”, a hundred associates using a malware-infected Windows PC to send mail, a hundred security guards who aren’t watching what they should, and a hundred coders who left a gaping XSS exposure in your web page. It’s ridiculous to treat malicious attackers and honest mistakes the same way.