The Sony breach – and virally every other recent high profile breach – has finally driven home what GreyHeller has been saying for some time – that the insider threat vector is as dangerous as the perimeter threat vector.
This survey of Federal IT managers in both civilian and defense sectors supports our view: Survey Cybersecurity priorities-shift insider threats
Security concerns from the survey:
- Cyber hygiene
- Spam tactics
Interestingly, data breaches and cyber espionage were further down the list. Really??!! We couldn’t agree less – data breach (leakage, unintentional disclosure, spillage) – is as serious a threat vector as any.
Finding ways to mitigate and remediate after a breach have got to be on the top of any organization’s cybersecurity priority list.