Insider Threat Example: Obama’s Campaign Folks Make Email Mistake

No matter how much technology you throw at trying to prevent security incidents, the weakest link in the organization, your personnel (who could be your strongest link with effective training and ongoing awareness) can defeat that security technology.
On purpose, because of lack of knowledge, or by making a plain ol’ mistake.
And EVERYONE makes mistakes. Fewer if they are more diligently aware though.

You know how easy it is to do an “OOPS!” and send an email to the wrong folks? I’ve blogged about it often.
Well, it was widely reported today that some folks on Barack Obama’s campaign team accidentally sent his talking points for tonight’s final presidential debate to the PRESS instead of to their STAFF.
Why would you create a distribution mail list for an outside group, particularly the press, that could be easily confused, or similar to, your internal staff distribution list?
This ABC News report, “Obama Flack Accidentally Sends Out Pre-Debate Talking Points” printed the message in its entirety.
Since they are talking points, there is not much in them, if anything, that you have not heard during the campaign blurbs. Of course, I’m sure the Obama camp would rather McCain did not know ahead of time the points that Obama will be making.
Here’s the very first line in the email message:

“Reminder: These are for staff only and not for distribution.”

Umm…yeah…whomever sent this message most surely has not only a red face, but likely an earful of rants from fellow campaign-workers.
Just points out how very important it is to make your personnel aware, and actively taking notice every day, of their security- and privacy-impacting actions.
A few daily pinches of training and awareness prevention is worth many tons of incident and breach cures.

Tags: , , , , , , , , , , ,

Leave a Reply