ICIW2008: Outsourcing and the Insider Threat

Carl Colwill, BT Design Security Risk & Compliance, UK

  • “The insider will always be the greatest threat”
  • Worry about the senior people, not just the lowest people
  • hard to distinguish your people from 3rd party people due to so much outsourcing
  • it’s a rapidly changing world
  • national and international boundaries are being stretched
  • India is a playground for intelligence communities right now
  • risk assessments are essential
    • incorporate regional factors
    • what are the crown jewels?
    • highlight risk priorities
    • identify layers of control
  • streamlined risk assessment tools need to feed into business decisions
  • By outsourcing you may actually be giving away confidentiality
  • new opportunities for attack
    • loyalty thresholds
    • most threat agents will apply inducements to turn insiders
    • failing that they’ll infiltrate with their own people
  • complex mix of threat agents and influences
  • what can be done?
    • many controls
      • physical
      • logical
      • personnel
    • key topics
      • categorizing 3rd parties
      • segregation (physical & logical)
      • minimum privileges (physical & logical)
      • system & user account mgt
  • many approaches can be applied to build trust and relationships
  • but all in the context of massive vendor staff churn
  • it’s not just about technology
  • compliance is fundamental
    • evidence & detection
    • ongoing education and awareness
    • requires periodic onsite visits
  • conclusions
    • outsourcing is increasing attack possibilities
    • these threats can be assessed, modeled & managed
    • however can be expensive
    • it’s a balance of risk and cost