Driven by the consolidation of valuable information and the professionalization of computer crime, database attacks are often launched through insiders with full authorization to access the information they steal. Both the Computer Security Institute and the FBI survey document the rising incidence of such attacks. Infrastructure security solutions such as perimeter-based defenses, access controls, and intrusion detection can do little against authorized insiders. And the fact remains that no screening and authorization process can be perfect.

Unauthorized behaviors by authorized and unauthorized users

Database attacks represent unauthorized behaviors, by both authorized and unauthorized users. As we have seen, authorized insiders constitute a major threat against information safety and integrity. Barring a perfect screening process, no permission-based, asset-centric security system can close this fundamental vulnerability.

The problem grows worse

Business enterprises and security companies are in the early stages of their response to the resurgence of threats to their information assets. Yet as they struggle toward solutions, the problem grows worse. More information is made available to customers, partners, and suppliers through Web portals, often linked to critical databases. Companies integrate customer-facing applications such as customer relationship management, service provisioning, and billing more tightly, spreading critical information more widely within and across organizations. In addition more businesses outsource and offshore critical business processes to new “insiders” who may not meet their own organizations’ internal screening processes. Increasingly automated management of intellectual property, for example in pharmaceutical companies and genetic research, may put corporate assets of significant value in highly-accessible databases Virtually any organization, public or private, is at risk of public embarrassment, financial loss, and government investigation when critical information is stolen or compromised.


More complexity - more issues

Attack an application often enough and you’re bound to find exploitable holes. Databases complicate the issue by being complex beasts that feed information to and from other applications – some vendor-supplied and others perhaps created in-house or via supplied APIs. The more complex an application becomes, the more likely it is to harbor hidden holes.

2. New security requirements

Security is shifting from protecting the device and learning about individual users to thinking about the policies that I deploy around user interactions and information protection, and having policy management techniques and technologies that give me warnings or block access or activity when it doesn’t conform to what I had prescribed.