EDITOR’S QUESTION
employee, the use of legitimate credentials
would show up as if it were an employee.
As insiders form a variety of threats, a layered
approach should be taken. This includes
technical controls which can look at user
behaviour and raise alarms where something
appears out of the ordinary, such as a large
transfer of files to external destinations.
When dealing with humans, often the
best detection and remedial action is
having a strong security culture within the
organisation so that people themselves can
help to identify any issues. For example, it is
rare to see an employee become disgruntled
overnight and come in to cause harm the
next day. So, having good line managers
that can spot the signs early and who can
help affected employees would be a far
more effective approach than relying on
technology alone.
Ultimately, it’s a delicate balancing act. At
the moment, technology is not sufficiently
advanced to fully understand humans
and make rational decisions, which is
why, in today’s enterprise, everyone has
a role to play in ensuring the security of
the organisation, and their colleagues.
Neglecting to foster a security culture and
ignoring the human element is a mistake no
company can make in this day and age.
www.intelligentcio.com