Your biggest threat is inside your organisation and probably didn’t mean it


It doesn’t have a super-sexy moniker like KRACK or Heartbleed, but the spectre of the insider threat looms large for organisations, and has done so for as long as electricity, silicon, and computing have been paired up to store information.

While it’s easy to imagine a disgruntled, unhappy employee becoming a malicious actor within an organisation, and dumping the family jewels out of spite, it is much more likely that a well-intentioned employee did something they really shouldn’t have.

In recent times, it seems as though a spate of data leakage has occurred due to the discovery of data left sitting on world-viewable servers. For instance, Accenture left its keys to the kingdom exposed on four servers, Verizon had 14 million subscriber records sitting unprotected on Amazon S3, and even Australia’s national broadcaster, ABC, was found wanting last week when it revealed to have had customer details and 1,800 daily MySQL database backups exposed.

Read more…
Source: ZDNet