In recent weeks, a number of cybersecurity experts have highlighted the danger posed by insider threats. Dawn Cappelli and Randy Trzeciak, for example, told BankInfoSecurity that inadvertent insiders - employees who are tricked into assisting cyberattackers - should be a major concern for every organization that handles sensitive data.
Addressing this issue, computer security analyst Dan Geer recommends that organizations alter their operating environments so that IT departments can better identify potentially malicious insider activity, SC Magazine reports. The key, according to Geer, is to achieve a state of "no silent failure" - that is, to make it impossible for a security breach to occur without anyone noticing.
To achieve this level of defense, Geer advocates for increased log monitoring: "The most cost-effective solution to this engineering problem is to instrument the operating environment so that data does not move without that movement being observed by the instrumentation."
By increasing monitoring of activity within a network, he claims, computer security professionals can better spot and potentially put a stop to anomalous activity by a malicious insider.