Debate by ProQuest


A global leader in serving libraries of all types, ProQuest LLC (“ProQuest”) supports the breadth of the information community with innovative discovery solutions that power the business of books and the best in research experience. More than a content provider or aggregator, ProQuest is an information partner, creating indispensable research solutions that connect people and information. Through innovative, user-centered discovery technology, ProQuest offers billions of pages of global content that includes historical newspapers, dissertations, and uniquely relevant resources for researchers of any age and sophistication—including content not likely to be digitized by others.

More Info
									Debate» Amid the financial services fallout,                                                                                                THREAT OF
                                                                                                                                           THE MONTH
malicious insiders pose the greatest threat.
      FOR       Enterprises large and small put                         AGAINST Be it malicious employees or
                their implicit trust in employees                                          sophisticated fraud rings, inter-               What is it?
                every day, and this trust is tested                                        nal and external fraud poses                    Worms have become
                during turbulent times. Happy,                                             substantial risks to banks and                  increasingly aware of the
                content employees who feel                                                 consumers. The greatest risk                    virtual environment. Security
                secure in their jobs and satis-                                            becomes a discussion of the                     researchers have long used
                                                                                                                                           “honeypots” to conduct
                fied with their pay seldom pose                                             defenses of the organization.
                                                                                                                                           research on malware. Virtu-
Dan Sarel       a real threat. However, when                            Ori Eisen            A screening process for                       alization is used to provide
vice president                                                          founder and chief
of products,
Sentrigo Inc.
                times are hard this changes,                            innovation officer,
                                                                        41st Parameter
                                                                                           employees reduces the risk of                   a controlled and easily repli-
                especially in large enterprises                                            hiring a crook. However, the                    cable honeypot platform.
and financial institutions where the stakes are                          chance of an employee turning bad for the
higher than just skimming the tip jar.                                  sake of greed is always there.                                     How does it work?
   Insiders have legitimate ongoing access to                              However, the risk is immensely greater if                       Malware developers have
sensitive info and systems, an infrastructure that                      the bank has insufficient security on its online                    learned how to detect when
                                                                                                                                           their code is running in a
outsiders need to work very hard to breach.                             storefront. The reason: for every rogue insid-
                                                                                                                                           virtualized environment
Under normal circumstances, insiders lack                               er, there are thousands of external crooks                         and then hide themselves.
the motivation to abuse this access, but with                           waiting to break in.                                               The malware can identify its
jobs being cut, bonuses not paid and increased                             We have seen a vast increase in phishing                        hosting platform as virtual-
M&A activity, employees that are normally                               attacks associated with recent bank mergers                        ized by looking for certain
trustworthy may decide to take “insurance” in                           and acquisitions, which take aim at consum-                        virtualized hardware devices
the form of sensitive info or merely act out of                         ers. Attacks coming in from the outside                            identifying BIOS characteris-
To top