Information Security: Insider Alert
One of the forgotten lessons of the Trojan War: A high wall and a solid stone gate are great at protecting a city, but if an enemy ever gets inside the walls, watch out.
Companies allow many, many people inside their walls every dayemployees, contractors, visitors, and so onand any one of them, with just a few minutes on a computer, could cause havoc to the company's infrastructure. Most firms, just like the city of Troy, have little or no internal defense. Today's networks not only must be defended at the perimeter, but at vital checkpoints within.
Security risks come from more places than we can list or describe, unfortunately, and cyber threats are part of this new world order. Of course, threats still come from the classic sourcesthe stereotypical teenage hacker, working late into the night in his basement, just trying to see how deep into your network his talents and tools will take him. But they also come from several newly discovered sources, such as agents of a competing firm looking to create competitive advantage by stealing intellectual property, terrorists seeking to damage our nation's critical public and private infrastructure, and cyber warfare groups sanctioned by foreign governments seeking to neutralize our military readiness and communication.
In addition to these sources, an organization's security is threatened from within, as has been shown repeatedly in security surveys. Both inadvertently and intentionally, employees and other insiders have been known to weaken or compromise defenses.
While many organizations have scrambled to revamp or improve their securityat times spending huge sums of moneytheir first thoughts are generally on their perimeter defenses, often at the expense of interior defenses.