Breaches point to insider threat

Organizations are most concerned about protecting the network against external attacks, but actual breaches are pointing to culprits dwelling within the corporate walls.

A survey of 83 IT decision-makers conducted by Forrester Research revealed that while insider breaches topped the list of attacks in 2005, this kind of risk is only a mid-level concern among organizations.

There is a “clear misalignment” between what enterprises perceive as risks and the real risks in data security, wrote Forrester analyst Jonathan Penn in his report entitled, Aligning Data Protection Priorities with Risks.

“[Survey respondents] underinvested in protecting against (attacks by) authorized users, and overinvested in protecting against attacks exploiting network and system vulnerabilities,” said Penn.

Thirty-four per cent of the companies surveyed by Forrester suffered at least one data breach in 2005, and of those, 53 per cent were caused by insider attacks. Only seven per cent reported Web site, network or system attacks last year.

New offerings from Oracle Corp. and EMC Corp. are aimed at strengthening internal controls to protect against insider attacks.

Oracle’s new Database Vault, for instance, enforces preventive controls by rationalizing access to the database by so-called “super users,” such as database administrators (DBAs), based on their specific duties.

“While you have a lot of controls on basic user population, you (also) have super users like the DBAs who are completely unrestricted; they can go anywhere and everywhere in the system…whether it’s relevant to their jobs or not,” said Wynn White, senior director, security and identity, Oracle in Redwood Shores, Calif.

Oracle’s Database Vault sets realms that are essentially “protection zones” that define an application or a particular object in a database that an administrator can have access to, said White.

Rules are then set around that realm that further restrict access based on operational requirements, he added.

EMC Corp. has taken an “information-centric” strategy to security, said Dennis Hoffman, EMC’s vice-president of information security in Hopkinton, Mass.

“Perimeter-centric security is necessary, but it’s not sufficient to actually protect the data,” Hoffman stressed.

EMC packaged a number of its products and services to offer a four-step approach to information security that includes an assessment of an organization’s level of information security, securing the information infrastructure, directly protecting sensitive data, and managing information security deployments to measure their effectiveness.
