via Federal Computer Week
In the wake of the WikiLeaks disclosures, all the soul searching and mandated risk assessments have made one thing painfully clear: Some of the most damaging security breaches originate from inside an agency’s firewalls.
A new study helps quantify that reality. According to the 2011 CyberSecurity Watch Survey conducted by CSO magazine, security breaches caused by once-trusted employees and contractors account for one in five attacks across all industry sectors. Moreover, the consequences of such events can be significant: Insider security breaches are more costly than those by outside hackers, according to one-third of the survey’s respondents.
Such developments are spurring agencies to redouble their efforts to strengthen internal defenses while still balancing the need for trusted insiders to appropriately access sensitive information for their jobs.
There’s just one problem: No matter how diligent agencies might be about security, there are no easy answers. No combination of technology and policy will fully protect against someone with special access privileges who decides to betray that trust.