We’ve seen it in several years’ worth of FBI surveys: Most security incidents are “inside jobs” perpetrated by employees, former employees, contractors, vendors and others with inside knowledge, privileged access or a trusted relationship with other insiders. What do the insiders do that constitutes a security incident? They steal, alter or corrupt information assets. In other words, they take source code, customer lists, plans or specifications; they deface Web sites; they defraud the organization or embezzle funds; and they damage critical-information systems, which consequently threaten ongoing operations, at least for a time. Full Story