Page 55 - index
P. 55
The Transparent Vulnerability – The Insider:
The Most Important Cybersecurity Vulnerability Facing Information Technology
Managers Today
By Glenwood Elam
Many senior leaders of organizations are rightfully concerned about securing their information
technology environments. Prioritizing their security needs will allow them to allocate the needed
resources to meet their security goals and objectives. The “insider” vulnerability is the most
important priority facing information technology managers today. Recommendations are made
to guard against the insider threat and prevent the vulnerability from being exploited.
Additionally, there are law enforcement challenges; there is a low risk of being caught and
prosecuted. However, the future looks hopeful if organizations take the necessary precautions
to protect themselves.
Introduction
Given the media coverage of cyberattacks and cybersecurity, organizational leaders in all
industries are rightfully concerned about the security of the technology at their organizations.
Cyberattacks can cause significant destruction to a nation’s security, a hospitals reputation or
an organizations profitability. Many computer environments successfully utilize the best tools
and methods (firewalls, intrusion detection systems, demilitarized zones, antivirus software) to
prevent external users from hacking into their systems. Despite these efforts attacks still occur.
In 2004, a survey conducted by the United States (US) Secret Service and the US Computer
Readiness Team (CERT) estimated that cyberattacks cost business more than $666 million.
Many organizational leaders struggle with understanding cybersecurity, not to mention how best
to guard against it.
Cybersecurity is broad and complex; it is more than just computer security. To get a better
understanding of cybersecurity one must understand at least some of the fundamental
components that make-up this extensive field. It is also helpful to have an understanding of
computer science and how data is collected, transmitted and stored.
A basic understanding of mathematics as it relates to computer science is another important
component; data encryption and decryption are vital to maintaining the confidentiality of
intellectual property.
Some professionals also believe that a basic understanding of criminal behavior also enhances
cybersecurity professional’s abilities. In essence, the cybersecurity professional is the modern
day law enforcement officer with computer science and math skills.
Charged with the responsibility of leading their organizations, decision-makers have to decide
how to best allocate their limited resources to meet organizational goals. To achieve this, the
55 Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
