If you like suspense and horror movies, you know how often the plot hinges on one of the characters realizing that the threatening call is coming from
inside the house. Similarly, your IT security might depend on recognizing that a threat is coming from inside your organization.
Employees who are disgruntled or just plain careless can do enormous amounts of damage to your finances, intellectual property, and/or business operations.
A recent survey by SANS Institute
shows that companies are increasingly aware of these internal threats, but that they're still not prepared to detect and deflect them. As author and
SANS Institute fellow Dr. Eric Cole writes, "Insiders have access to critical information, understand how the organization is structured, and can bypass
security more easily than outsiders. They can therefore be in the best position to cause harm to an organization. Many organizations are still not
creating and implementing insider threat programs and need to aggressively increase their focus to better protect the organization."
The survey suggests that two-thirds of organizations either don't have a plan for responding to IT security events in place at all or don't have one that
can account for insider threats. Don't be in that high-risk group. Contact Xantrion for help developing an IT security event response plan that covers
all your potential threats, internal as well as external.