Tuesday, November 06, 2007

Insider Mom Musings

This has some interesting musings on insider attacks and risks, for example: "... my mom is really not capable of launching an internet based attack against a F500 enterprise. However, when she was an office manager, I am reasonably sure she had the ability to do lots of bad things."

Things of that sort help keep the insider angle at the center of attention. It leads me to a scary thought sequence:

a. Is the percentage of unethical people at a major F500 company any different than the entire world? Probably not - or not by much...

b. Thus, for every million of script kiddiez, you have, say, 10 "bad apples" at your org

c. Also, your firewalls/IDS/IPS/NBA/whatever will stop 99%-100% of the above millions

d. Your defenses will probably stop NONE of the 10 "insiders" (and they know where everything is...)

So, who is the bigger risk? I bet on the "evil mom."

Dr Anton Chuvakin