
Debate: The model of ‘trust but verify’ is effective at mitigating the insider threat.


A. N. Ananth, CEO, Prism Microsystems

The emergence of WikiLeaks has focused attention on the insider attack, yet it is not a new problem. While less common than external attacks, insider attacks can be highly destructive to an enterprise's credibility and security.

Completely disabling functionality (e.g., removable media) in the name of hardening is impractical, inefficient and eventually noncompetitive. Ignoring the issue is just as bad. It is not a question of “if” the insider attack will happen; it is only a question of “when.” Responsible organizations should “trust but verify” when it comes to insiders – trust that employees are doing what is right, but verify that information is handled correctly.

Insider threats must be balanced with information needs by following several key steps. First, identify critical assets and establish access control based on need. Second, publish acceptable-use policies and educate users. Last, enforce these policies with effective monitoring of all access. Ideally, use behavioral analysis to identify variations and abnormalities from a running baseline.
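
The three steps above (need-based access control, then monitoring of all access against a running baseline) can be put into working form as a small audit-log checker. The script below is an added example and is not code from the article or from Prism Microsystems; the log format (date,user,resource,bytes_out), the user and resource names, the per-user allowlist and the z-score threshold are all invented for illustration. It builds a per-user baseline of daily outbound volume and resources touched over a training window, then flags a new day's activity on three grounds: access outside the user's need-to-know allowlist, a volume spike far above the user's own baseline, and a resource the user has never touched before.

```python
"""Baseline-and-deviation monitoring for insider activity.

Added example, not from the article or from Prism Microsystems. The log
format, user names, resource names and thresholds are invented.
"""
import statistics
from collections import defaultdict

# Step 1: critical assets with access granted on need (hypothetical allowlist).
ALLOWED = {
    "alice": {"hr_share", "payroll_db"},
    "bob": {"eng_repo"},
}

# Constructed audit-log lines for the baseline window: date,user,resource,bytes_out
BASELINE_LOG = """\
2024-03-01,alice,hr_share,1200
2024-03-01,alice,payroll_db,800
2024-03-02,alice,hr_share,1500
2024-03-03,alice,hr_share,900
2024-03-03,alice,payroll_db,1100
2024-03-04,alice,hr_share,1300
2024-03-05,alice,payroll_db,700
2024-03-01,bob,eng_repo,5000
2024-03-02,bob,eng_repo,4500
2024-03-03,bob,eng_repo,5200
2024-03-04,bob,eng_repo,4800
2024-03-05,bob,eng_repo,5100
"""

# Constructed lines for the day under review: bob pulls a payroll table he was
# never granted and a bulk copy of the repo.
TODAY_LOG = """\
2024-03-06,alice,hr_share,1400
2024-03-06,bob,eng_repo,4900
2024-03-06,bob,payroll_db,250000
2024-03-06,bob,eng_repo,180000
"""


def parse(log):
    """Turn the constructed CSV text into (day, user, resource, bytes) tuples."""
    rows = []
    for line in log.strip().splitlines():
        day, user, resource, nbytes = line.split(",")
        rows.append((day, user, resource, int(nbytes)))
    return rows


def daily_totals(rows):
    """Per (user, day): total bytes out and the set of distinct resources read."""
    per_day = defaultdict(lambda: {"bytes": 0, "resources": set()})
    for day, user, resource, nbytes in rows:
        entry = per_day[(user, day)]
        entry["bytes"] += nbytes
        entry["resources"].add(resource)
    return per_day


def build_baseline(rows):
    """Per user: mean and population stdev of daily bytes out, plus every
    resource seen during the baseline window."""
    series = defaultdict(list)
    seen = defaultdict(set)
    for (user, _day), entry in daily_totals(rows).items():
        series[user].append(entry["bytes"])
        seen[user] |= entry["resources"]
    baseline = {}
    for user, values in series.items():
        baseline[user] = {
            "mean": statistics.mean(values),
            "stdev": statistics.pstdev(values) if len(values) > 1 else 0.0,
            "resources": seen[user],
        }
    return baseline


def score_day(rows, baseline, z_threshold=3.0):
    """Return findings for one day's rows: need-to-know violations, volume
    anomalies (z-score above threshold) and never-before-seen resources."""
    findings = []
    for day, user, resource, _ in rows:
        if resource not in ALLOWED.get(user, set()):
            findings.append(("outside_need", user, resource, day))
    for (user, day), entry in daily_totals(rows).items():
        base = baseline.get(user)
        if base is None:
            findings.append(("no_baseline", user, day))
            continue
        stdev = base["stdev"] or 1.0  # flat baseline: any change counts in full
        z = (entry["bytes"] - base["mean"]) / stdev
        if z > z_threshold:
            findings.append(("volume_anomaly", user, day, round(z, 1)))
        new = entry["resources"] - base["resources"]
        if new:
            findings.append(("new_resource", user, day, sorted(new)))
    return findings


if __name__ == "__main__":
    base = build_baseline(parse(BASELINE_LOG))
    for finding in score_day(parse(TODAY_LOG), base):
        print(finding)
```

Run as-is, it reports nothing for alice (her day sits inside her own baseline) and three findings for bob: the payroll_db read is outside his allowlist, his outbound volume is hundreds of standard deviations above his mean, and payroll_db is a resource he had never touched. Population standard deviation is used because the window is the whole history we have; a real deployment would use a rolling window so the baseline keeps moving with legitimate changes in a user's role.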


John Kindervag, senior analyst, Forrester Research

Trust, but verify – the sacrosanct mantra of modern infosec – has failed our profession. It is a joke – literally. It comes from President Reagan's speech commemorating the signing of a historic nuclear weapons treaty between the United States and the former Soviet Union:

President Reagan: We have listened to the wisdom in an old Russian maxim. And I'm sure you're familiar with it, Mr. General Secretary, though my pronunciation may give you difficulty. The maxim is: Doveryai, no proveryai – trust, but verify.

Gorbachev: You repeat that at every meeting.
Reagan: I like it.

Our profession misunderstood the joke and implemented trust and forgot to verify, thereby opening the door for numerous insider breaches, with WikiLeaks/Bradley Manning being the most prominent.

Trust is not a concept that should be anthropomorphized down to the packet level. We must quit trusting and start verifying. Until then, the joke is on us. Doveryai, no proveryai.
