There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.
Posts Tagged ‘insider threat’
HIPAA & 4 Lessons From an Insider Threat Example: Former Healthcare IT Manager Hacks Into System and Deletes PHI
Monday, September 10th, 2007HIPAA & 4 Lessons From an Insider Threat Example: Former Healthcare IT Manager Hacks Into System and Deletes PHI
Monday, September 10th, 2007There are so many ways in which bad things can happen with the authorized access personnel and business partners have to sensitive data, personally identifiable information (PII), and business systems. Many times the bad things that happen are a result of a lack of awareness of how to properly protect information, a result of mistakes, or a result of malicious intent. Here is just one more example to add to your file of actual insider threat incidents.
Insider Threat: Contractor Sabotages Space Shuttle Endeavour
Wednesday, August 1st, 2007It feels like I’ve been writing a lot about the insider threat lately, but then again, it seems I read about a new incident caused by insiders almost daily. So much time, effort and money is spent on keeping the outsiders from getting to systems and data, but a comparatively little amount is spent on addressing, and trying to prevent, insiders from doing bad things. Folks who are trusted and have authorized access can do so much harm. The technologies focusing on the outsiders are not going to do much to protect your information from insiders.
Insider Threat and Cowboys: The Wall Street Journal Tells Your Personnel How To Get Around Your Security
Tuesday, July 31st, 2007Oh, boy, reading this Wall Street Journal story, “Ten Things Your IT Department Won’t Tell You” brought back some memories of personnel who went to great lengths to get around security requirements!
Insider Threat Example: Payroll Employee Threatens To Illegally Use Other Employees’ PII If Not Given a Good Review
Sunday, July 22nd, 2007Here’s another example of the insider threat similar to situations that I’ve heard of happening many times throughout the years through conversations with folks at conferences and other professional meetings.
Medical Identity Theft and Bill Requiring Criminal Background Checks In LTC Facilities
Tuesday, June 19th, 2007I have had relatives very close to me who, because of degenerative diseases and medical problems, have had to go to long term care (LTC) facilities. I always worried about the care they were receiving when I was not around. I worried that others would not be caring for them in a truly caring and kind way. I worried that people who had been convicted of violent crimes and financial fraud might try to take advantage of them and the others in the facility. I tried to keep a close watch on them.
Another Study Supports The Need for Awareness and Executive Support
Monday, June 18th, 2007I’m always interested to read survey results related to information assurance. Of course the readers need to take the interpretations and summaries with a grain of salt; very few surveys are statistically representative of all organizations.
It’s Hard to Keep Secrets When You Entrust Them To Others
Friday, June 1st, 2007When you entrust sensitive information to a contracted company or individual, you are also accepting risk. If you do not perform due diligence to ensure your contractor has effective safeguards in place, and understands that your information is sensitive, and if you do not have specific security requirements within your contract, you are opening yourself up to a major embarassment, major incident, or both.
The U.S. State Department entrusts many of their secrets to many different contractors. They have found themselves with yet some more bad press as a result of one of their contractors.
The Eyes of IT are Upon You! Curiosity Often Trumps Do The Right Thing According to New Study
Thursday, May 31st, 2007At a company I did work for there was a middle manager in the IT area who liked to be the person “in the know.” At meetings he always would talk about ideas or plans that otherwise he should not have been privvy to.
Insider Threat Example: Leaked Clinton Memo Provides At Least 5 Good Security Lessons
Tuesday, May 29th, 2007Mid-last week it was widely reported, probably more so in the national news than here in Iowa, that one of Hillary Clinton’s top campaign folks had written a memo to her urging her to skip Iowa and focus on other states. This leaked memo was the grist of much discussion on the political talk shows over the weekend.
