BreachExchange mailing list archives
Re: Keeping secrets from insiders likely to turn on you
From: "Al Mac Wow" <macwheel99 () wowway com>
Date: Fri, 13 Sep 2013 19:54:06 -0500
Depending on type of computer system used, identifying insider misbehavior, with the data, such as embezzlement, can be incredibly easy and inexpensive. Access logs need to be intelligible. Some are. They need to be viewed and acted upon. Check out Unbeaten Path. Many similar conceptual packages are available on some other platforms, from other firms. Of course, when a company finds out that there is an insider threat in progress, relevant managers should act accordingly, in a timely manner. Not like this scenario: http://www.unbeatenpath.com/news/SODconflictBrazil.pdf In my opinion, the government could do a much better job of combating insider threat if there was someone to go to for employees who feel disenchanted with what the government is doing. Like a Chaplain in the military, or an Inspector General who will keep the contact confidential. A lot of whistle blowing, outside of an organization, is because a disenchanted person feels they have nowhere to turn to complain about something they think is unethical, or because they fear that instead of wrong-doers being punished, rats will be punished. There's also an attitude that people are more likely to be criminals when they are struggling with personal financial misfortunes. I'd like to see some statistics whether there is any validity with that. It seems to me that many of the people who have done Ponzi schemes have been millionaires. Al Mac = Alister William Macintyre NSA = the only part of government which actually listens to the people. -----Original Message----- From: dataloss-bounces () datalossdb org [mailto:dataloss-bounces () datalossdb org] On Behalf Of Audrey McNeil Sent: Tuesday, September 10, 2013 11:35 PM To: dataloss () datalossdb org Subject: [Dataloss] Keeping secrets from insiders likely to turn on you http://www.canberratimes.com.au/it-pro/security-it/keeping-secrets-from-insi ders-likely-to-turn-on-you-20130910-hv1pl.html <snip>
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: o()xxxx[{::::::::::::::::::::::::::::::::::::::::> # InfoSec Builders, Breakers and Defenders - Time Square, New York City 18-21 November # OWASP AppSecUSA 2013 - http://www.appsecusa.org o()xxxx[{::::::::::::::::::::::::::::::::::::::::> Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- Keeping secrets from insiders likely to turn on you Audrey McNeil (Sep 11)
- Re: Keeping secrets from insiders likely to turn on you Al Mac Wow (Sep 16)