- 4chan hell raisers finding fame brings heat?
- The 10 dumbest mistakes network managers make
- NetApp quits bidding war in face of EMC opposition
- CompuServe closes after 30 years
- Google to launch open-source Chrome OS this year
Whom can you trust? In security, many of us nurture a healthy sense of paranoia and tend to be distrustful. But as human beings, as social beings, we form bonds of trust with those around us.
Behavioral psychology and sociology show that we have tribal behaviors that lead us to associate and trust those in our "tribe." These behaviors may even have biological underpinning -- we're wired to trust our group. In a modern corporate environment, our co-workers are part of our tribe, and we extend a high level of trust to them. We might want to fight our instincts on this one, however.
Every time there's a recession, crime goes up. Even good people will make poor decisions under economic pressure. From a security professional's point of view, recessions are a time of higher risk. Both internal and external attacks are likely to increase. The rising tide of crime will lift all attacks, across all areas of exposure (view a slide show, "The 10 worst security breaches of all time"). On top of everything else, you may have to contend with layoffs. Nothing makes a good person angrier and more motivated than a pink slip.
Greed, anger or desperation are what motivate insiders to attack their own companies. Most serious computer crimes I have seen (or been involved in investigating) were insider attacks. If your company is making layoffs, you will have to contend with angry and desperate people.
Here are some of the insider issues to look out for during a recession:
* Employees may find themselves struggling with medical payments, mortgage payments or other financial issues. Many insider attacks start with an insider with access to corporate capital "borrowing" some money with every intention of
returning it. While they rationalize the action, these employees often will get into a snowballing situation that leads them
to further embezzlement. Guard financial systems and make sure you have checks and balances in place.
* Layoffs will often trigger acts of revenge. These are most dangerous if they involve people in IT or finance. Logic bombs are the most common type of revenge on IT systems.
Embezzlement also can be an act of revenge or desperation. Tighten password and access controls. Audit remote-access systems
for unusual behavior.
The Leader in Network Knowledge
Comments (4)
I disagree with everything.By Anonymous on November 14, 2008, 6:31 amBad people are bad fullstop! Nothing changes. If company policies are so flimsy to allow a single employee to do so much damage then sack the person who makes the...
Reply | Read entire comment
Strong management, good communicationsBy Schratboy on November 13, 2008, 10:48 amThere are always going to be issues regarding network/internet use. If company mgmt has a hands-off approach then these are likely already a serious issue. Good...
Reply | Read entire comment
Revenge only backfires on those who try itBy Anonymous on November 13, 2008, 8:56 amI've been angry at a couple companies I have left, but I would never seek revenge. Why? Because in the long run it would harm my career far more than it would...
Reply | Read entire comment
Good people do bad things?By tuomoks on November 12, 2008, 10:31 pmGood people don't do bad things no matter what. Bad times just bring more bad and weak people out of closet. That much is true. Yes - there is a tendency to trust...
Reply | Read entire comment
View all comments