Return of the Guru

We Have Seen the Enemy, and He Works for Us

Ara Trembly
Insurance Experts' Forum, February 14, 2011

In what should be a huge eye-opener for anyone involved in insurance IT, an annual survey conducted last year by CSO Magazine—with help from the U.S. Secret Service, Carnegie Mellon Software Engineering Institute (CERT) and Deloitte's Center for Security and Privacy Solutions—found that while many organizations make solid efforts to strengthen their data security, many admit it is becoming increasingly difficult to outpace the efforts of the criminal community.

Perhaps more disturbing, however, is the source of those criminal attacks. According to CSO, “While outsiders (non-employees or contractors) are the main culprits of cybercrime in general, the most costly or damaging attacks are more often caused by insiders (employees or contractors). Outsiders invade organizations with viruses, worms or other malicious code; phishing; and spyware, while insiders most commonly expose private or sensitive information unintentionally, gain unauthorized access to/use of information systems or networks, and steal intellectual property.”

If internal breaches are not the majority of incidents, should we then pay less attention to them? Apparently not. Dawn Cappelli, technical manager for the Threat and Incident Management division of the Software Engineering Institute CERT Program, said insider attacks continue to be seen as a bigger problem than anything that might come from the outside—and are more costly to boot, says CSO.

The survey found that insiders most often use their laptops or copy information to mobile devices as a means to commit electronic crimes against their organization, the report adds. Respondents suggested that data is often downloaded to home computers or sent outside the company via e-mail.

So where does that leave us in our insurance enterprises? It’s one thing to acquire and maintain the latest anti-intrusion technology, and to clamp down on security-averse practices like allowing employees to visit questionable websites, but it’s quite another to try to sniff out the likely perpetrators of malice within one’s own walls.

If your company’s technology is already there in terms of being up-to-date, then the solution is not a technological one, but a human one. One must ask: Who within your gates is likely to commit such a crime—that is, who would have the means, the motive and the opportunity? The means and opportunity part would seem to point to your IT people, but don’t forget other executives and technicians who may also have access. In fact, it really doesn’t take much sophistication for almost anyone to copy confidential data to a thumb drive and walk out the door with it.

So when push comes to shove, one must carefully consider those who would have a motive. The inevitable “disgruntled employee” comes to mind, but then there are many such individuals who remain with companies or depart from them who never commit data thievery. The recently discharged employee sounds like a more logical choice, yet by the time he or she is jettisoned, the information may already have been pilfered.

In the end, when we try to put together a list of likely suspects within our own walls, we are—at best—speculating. So rather than trying to predict the future, perhaps we are better off being sensitive to those who we know are disgruntled so that we can at least attempt to work out whatever grievances they may have. In other words, let’s talk to them.

Perhaps it’s only my counselor side coming out, but it seems to me that those who are treated fairly in this manner are much less likely to swipe critical data because their motives will be less significant, or perhaps done away with altogether. At least they will know you cared enough to try and make things better, and maybe that will make the difference between an angry thought and a criminal action.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.
