2 minutes on: Interviewing for access


Since former Booz Hamilton contractor Edward Snowden came clean as the source of leaked classified documents that revealed the National Security Agency's (NSA) mass secret surveillance program, there's been debate over whether to label him a hero or traitor – or something in between. One category, however, into which he more neatly falls is the insider threat. But he's no ordinary insider who was motivated to steal data after being on the job for a while. To the contrary, Snowden, who said he acted from his conscience to inform the public about the spying program, told the South China Morning Post that he had every intention to purloin the top-secret documents, even before he signed his acceptance letter.

According to a survey of 179 network, security and risk and compliance professionals conducted by AlgoSec, a Boston-based network security firm, two-thirds of respondents believed that insider threats are the greatest risk to security.

While it's no surprise that these kinds of attacks are prevalent and considered serious by security professionals, what may be less prominent on their radar is a Snowden-type: Someone who joins a company with the sole purpose of committing theft or sabotage. It's what Jeffrey Carr, founder and CEO of Taia Global, a McLean, Va.-based security firm, calls the “targeted” insider attack.

“Most organizations don't have the budget to do extensive background checks,” Carr said. “While this isn't a panacea, HR departments should pay close attention to any clues that might reveal a potential problem, share those with the people conducting the interviews, and compare notes on how the candidate addresses them.”

Still, this type of attack is the exception, not the rule, says Randy Trezciak, acting manager of the CERT Insider Threat Center at the Carnegie Mellon University Software Engineering Institute.

For nearly 13 years, his team has collected data and analyzed more than 800 incidents where insiders have harmed organizations. Based on their findings, few incidents were tied to an insider who intended to be hired in order to exploit the organization.

However, Trezciak doesn't think that organizations should rule out the chances of one day encountering such a scenario. “It's certainly within the realm of possibilities that those are threats that organizations should consider,” he said.
