Browse archive

Latest news

Experts highlight top data breach vulnerabilities

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

A closer look at Mega cloud storage

CISOs need to engage with the board

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Social Engineering And Other Threats To Internal Security

by Ari Tammam - Promisec - Monday, 19 December 2005.

Most companies do not think twice when considering security solutions at the gateway to protect the perimeter and control all communications going in and out of the organization but for whatever reason do not place much importance on the threat from within. If we take the example above, of a salesman synchronizing his PDA with his PC we can see how easy it is to bypass the gateway and open an unsecured connection from within the organization rendering investment in the gateway as only a partial solution since too many holes still exist in the security apparatus that need plugging.

A recent study on digital security claimed that 90% of companies surveyed reported ‘Insider abuse of Internet access’ while 50% had experienced unauthorized access by insiders and 40% by outsiders. These figures are certainly not trivial and highlight a problem that is only increasing in its magnitude.

For many years now industry analysts have been saying that most threats originate within the network with estimates going as high as 80% of attacks originate internally. However, the perception of most organizations is that protecting the perimeter is paramount and that securing the internal network is only a secondary or even tertiary concern. This may be true since the most malicious attacks do come from the outside in many forms; DoS attacks, Viruses, Worms, SYN floods etc. and to make them even more difficult to detect many of the attacks are fragmented.

All of this means that securing the perimeter with intelligent security applications is still of paramount importance but no less important is securing the internal network to complement the security devices at the gateway. Some companies have started shifting their security budgets to a more balanced investment between the perimeter and the internal network and this should increase as more and more companies realize the threat from within. Simple, easy to use solutions that can run in the background and provide intelligent security threat alerts that can be acted on immediately either by individuals or by the solution itself is a step towards hermetically sealing networks both from within and at the perimeter. These types of solution are as necessary to have as a firewall or Anti Virus solution but they must be complimentary and have minimal financial overhead to an already tightly budgeted IT Security department to be cost effective.

Promisec are exhibiting at Infosecurity Europe 2006. Held on the 25th – 27th April 2006 in the Grand Hall, Olympia, this is a must attend event for all IT professionals involved in Information Security.