A new perspective on the insider threat
by Mirko Zorz - Wednesday, 14 December 2011.
When talking about the insider threat, the first that comes to mind to many (if not all) information security professionals is the threat posed by rogue insiders that knowingly help attackers gain access to internal systems or deliver information from it.

But there is another type of "insider" - the regular employee that falls for social engineering attacks and unwittingly becomes an accomplice to the attackers.

Since hackers have realized in the last couple of years that it is practically always easier to start with this type of approach, the expression "insider threat" may soon become a synonym for "uneducated employee".

In this podcast recorded at RSA Conference Europe 2011, Brian Honan, Principal Consultant at BH Consulting and founder and head of the Irish CERT, talks about the need for IT departments and employees to start working together and to realize that they are on the same side.

The former should think about ways to educate the general employee population about the dangers lurking behind unsolicited emails, messages and phone calls and about making themselves more available to answer questions and share their expertise, while the latter should not be afraid to admit they have made a mistake as soon as they made it and inform the IT department of it, so that it could react quickly to stem possible attacks.

Press the play button below to listen to the podcast:



Download the MP3 of the podcast here.

Spotlight

Android Fake ID bug allows malware to impersonate trusted apps

Posted on 29 July 2014.  |  Bluebox Security researchers unearthed a critical Android vulnerability which can be used by malicious applications to impersonate specially recognized trusted apps - and get all the privileges they have - without the user being none the wiser.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //