Your greatest security risk may not come from outside attacks but from your own employees. Setting policies and procedures aren’t enough to stop the problem, but new security event management technology can help. Are malicious insiders—employees or hackers posing as employees—stealing your intellectual property? Loss due to insiders is a persistent problem, according to reports such as the annual CSI/FBI Computer Crime and Security survey. Yet when it comes to combating insider threats, many organizations falter. One issue is how to quantify the problem, then know how to apply resources to lower risk. New security technologies should help. They provide organizations with a picture of what insiders are actually doing. Instead of just setting policies and procedures, organizations can set a baseline on employees’ activities, then adjust policies to compensate. Security Strategies discussed insider-monitoring technology, and how to quantify risk, with Kris Lovejoy, vice president of technology and services for security vendor Consul. Lovejoy has worked with such organizations as the National Security Agency, EDS, and Trusecure, developing insider-risk metrics along the way. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.