Comments on: True or False: 70% of security incidents are due to insider threats? http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/ Technologies and comments on cloud and telecom security, bridging China and the world! Mon, 19 Sep 2011 01:16:15 +0000 hourly 1 http://wordpress.org/?v= By: Vinod Bavara http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36360 Vinod Bavara Sat, 05 Dec 2009 09:05:29 +0000 http://sbin.cn/blog/?p=1491#comment-36360 With so much malware around, looking at Firewall and/or IDS logs gives the impression that as on today, outsider threat is more than insider threat. With so much malware around, looking at Firewall and/or IDS logs gives the impression that as on today, outsider threat is more than insider threat.

]]> By: Cassio Menezes http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36355 Cassio Menezes Wed, 02 Dec 2009 21:10:03 +0000 http://sbin.cn/blog/?p=1491#comment-36355 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">70% of security incidents are due to insider threats? http://bit.ly/q5mBY</span></span> 70% of security incidents are due to insider threats? http://bit.ly/q5mBY

]]> By: Donn Parker http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36315 Donn Parker Sat, 14 Nov 2009 21:00:07 +0000 http://sbin.cn/blog/?p=1491#comment-36315 This type of discussion is useless. None of the surveys are valid representations of the sources of incidents. They are self-selected samples, samples that are too small, or samples that produce inaccurate feedback since the responders too often don't know the complete and accurate stories. Security incident occurences are open ended, i.e. we don't know what we don't know. What is an insider? This is defined differently by different experts -- people in positions of trust, employees, employees and cosultants, full or part-time employees, etc.? 36 incidents and broken down by all of those factors to two digits of precision? Statisticly useless. Donn This type of discussion is useless. None of the surveys are valid representations of the sources of incidents. They are self-selected samples, samples that are too small, or samples that produce inaccurate feedback since the responders too often don’t know the complete and accurate stories. Security incident occurences are open ended, i.e. we don’t know what we don’t know. What is an insider? This is defined differently by different experts — people in positions of trust, employees, employees and cosultants, full or part-time employees, etc.? 36 incidents and broken down by all of those factors to two digits of precision? Statisticly useless.

Donn

]]> By: Richard http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36311 Richard Thu, 12 Nov 2009 22:26:12 +0000 http://sbin.cn/blog/?p=1491#comment-36311 Why Measuring the Value of InfoSec is Hard (2) InfoSec* is inextricably part of the cyber trust “fur ball”, including Privacy Digital Rights Intellectual Property, brands, reputation, trade secrets Stakeholder disclosure … and physical security Historical loss data, even if copious and available, has limited use The landscape changes too fast Low frequency / high impact events matter Unique events matter The business value of InfoSec isn’t just loss prevention Value comes from the ability to support profitable risk taking e.g. Brakes, condoms Risk balancing is a reflexive process involving perceptions of risk and reward Varies dramatically by industry and sector E.g. a bank vs. a rock quarry By: Russell Cameron Thomas Principal, Meritology russell.thomas@meritology.com Why Measuring the Value of InfoSec is Hard (2)

InfoSec* is inextricably part of the cyber trust “fur ball”, including
Privacy
Digital Rights
Intellectual Property, brands, reputation, trade secrets
Stakeholder disclosure
… and physical security
Historical loss data, even if copious and available, has limited use
The landscape changes too fast
Low frequency / high impact events matter
Unique events matter
The business value of InfoSec isn’t just loss prevention
Value comes from the ability to support profitable risk taking
e.g. Brakes, condoms
Risk balancing is a reflexive process involving perceptions of risk and reward
Varies dramatically by industry and sector
E.g. a bank vs. a rock quarry

By: Russell Cameron Thomas
Principal, Meritology
russell.thomas@meritology.com

]]> By: Richard http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36306 Richard Thu, 12 Nov 2009 14:56:41 +0000 http://sbin.cn/blog/?p=1491#comment-36306 Posted by James Shanesy, CISSP I used to be a salesman of sophisticated, proprietary technology (not IT). I got out of it because I couldn't stand having to make promises that other people broke. At least now when I make a commitment, it's me and nobody else who either lives up to it or doesn't. And in INFOSEC when you fail to deliver, the results can be catastrophic. I never believe salesmen. Around here we make sure that the commitments and assurances we need are built into the contract. This all gets murkier and murkier as we migrate into "the cloud". Posted by James Shanesy, CISSP

I used to be a salesman of sophisticated, proprietary technology (not IT). I got out of it because I couldn’t stand having to make promises that other people broke. At least now when I make a commitment, it’s me and nobody else who either lives up to it or doesn’t.

And in INFOSEC when you fail to deliver, the results can be catastrophic. I never believe salesmen. Around here we make sure that the commitments and assurances we need are built into the contract. This all gets murkier and murkier as we migrate into “the cloud”.

]]> By: Richard http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36305 Richard Thu, 12 Nov 2009 13:46:59 +0000 http://sbin.cn/blog/?p=1491#comment-36305 The below is from LinkedIn CISSP community: Regardless of internal or external the weakest link in any information processing system from an INFOSEC perspective is the human element. I think that human factors engineering has been grossly overlooked in the IT sector in favor of spending billions on hardware and software solutions that can all be undermined by a basic user making a few keystrokes. But don't ask those OEM vendors if their product will protect the system from users doing less than intelligent acts as the answer from the sales rep is generally "sure we can handle that". I've grown cynical after experiencing users time and again showing a complete disregard for even the most basic INFOSEC practices in favor of "Get'r Done". Posted by Paul Zedeck, CISSP The below is from LinkedIn CISSP community:

Regardless of internal or external the weakest link in any information processing system from an INFOSEC perspective is the human element. I think that human factors engineering has been grossly overlooked in the IT sector in favor of spending billions on hardware and software solutions that can all be undermined by a basic user making a few keystrokes.

But don’t ask those OEM vendors if their product will protect the system from users doing less than intelligent acts as the answer from the sales rep is generally “sure we can handle that”. I’ve grown cynical after experiencing users time and again showing a complete disregard for even the most basic INFOSEC practices in favor of “Get’r Done”.

Posted by Paul Zedeck, CISSP

]]> By: Vision Jinx http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36301 Vision Jinx Thu, 12 Nov 2009 04:01:17 +0000 http://sbin.cn/blog/?p=1491#comment-36301 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">RT @zhaol True or False: 70% of security incidents are due to insider threats http://bit.ly/3GL6gR</span></span> RT @zhaol True or False: 70% of security incidents are due to insider threats http://bit.ly/3GL6gR

]]> By: Lisa Spencer http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36298 Lisa Spencer Wed, 11 Nov 2009 18:15:13 +0000 http://sbin.cn/blog/?p=1491#comment-36298 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">RT @MBenLakhoua: True or False: 70% of #security incidents are due to insider threats: http://bit.ly/3GL6gR (via @zhaol) #identity</span></span> RT @MBenLakhoua: True or False: 70% of #security incidents are due to insider threats: http://bit.ly/3GL6gR (via @zhaol) #identity

]]> By: Terry Brown http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36297 Terry Brown Wed, 11 Nov 2009 16:15:14 +0000 http://sbin.cn/blog/?p=1491#comment-36297 <span class="topsy_trackback_comment"><span class="topsy_twitter_username"><span class="topsy_trackback_content">RT @MBenLakhoua: True or False: 70% of #security incidents are due to insider threats: http://bit.ly/3GL6gR (via @zhaol) #identity</span></span> RT @MBenLakhoua: True or False: 70% of #security incidents are due to insider threats: http://bit.ly/3GL6gR (via @zhaol) #identity

]]> By: uberVU - social comments http://sbin.cn/blog/2009/11/10/true-or-false-70-of-security-incidents-are-due-to-insider-threats/comment-page-1/#comment-36290 uberVU - social comments Wed, 11 Nov 2009 16:12:57 +0000 http://sbin.cn/blog/?p=1491#comment-36290 <strong>Social comments and analytics for this post...</strong> This post was mentioned on Twitter by zhaol: #securitymetrics True or False: 70% of #security incidents are due to insider threats: http://bit.ly/3GL6gR... Social comments and analytics for this post…

This post was mentioned on Twitter by zhaol: #securitymetrics True or False: 70% of #security incidents are due to insider threats: http://bit.ly/3GL6gR...

]]>