2 minutes on: Interviewing for access


Since former Booz Hamilton contractor Edward Snowden came clean as the source of leaked classified documents that revealed the National Security Agency's (NSA) mass secret surveillance program, there's been debate over whether to label him a hero or traitor – or something in between. One category, however, into which he more neatly falls is the insider threat. But he's no ordinary insider who was motivated to steal data after being on the job for a while. To the contrary, Snowden, who said he acted from his conscience to inform the public about the spying program, told the South China Morning Post that he had every intention to purloin the top-secret documents, even before he signed his acceptance letter.

According to a survey of 179 network, security and risk and compliance professionals conducted by AlgoSec, a Boston-based network security firm, two-thirds of respondents believed that insider threats are the greatest risk to security.

While it's no surprise that these kinds of attacks are prevalent and considered serious by security professionals, what may be less prominent on their radar is a Snowden-type: someone who joins a company with the sole purpose of committing theft or sabotage. It's what Jeffrey Carr, founder and CEO of Taia Global, a McLean, Va.-based security firm, calls the “targeted” insider attack.

“Most organizations don't have the budget to do extensive background checks,” Carr said. “While this isn't a panacea, HR departments should pay close attention to any clues that might reveal a potential problem, share those with the people conducting the interviews, and compare notes on how the candidate addresses them.”

Still, this type of attack is the exception, not the rule, says Randy Trzeciak, acting manager of the CERT Insider Threat Center at the Carnegie Mellon University Software Engineering Institute.

For nearly 13 years, his team has collected data and analyzed more than 800 incidents where insiders have harmed organizations. Based on their findings, few incidents were tied to an insider who sought to be hired in order to exploit the organization.

However, Trzeciak doesn't think that organizations should rule out the chances of one day encountering such a scenario. “It's certainly within the realm of possibilities that those are threats that organizations should consider,” he said.
