Return of the Guru

We Have Seen the Enemy, and He Works for Us

Ara Trembly
Insurance Experts' Forum, February 14, 2011

In what should be a huge eye-opener for anyone involved in insurance IT, an annual survey conducted last year by CSO Magazine—with help from the U.S. Secret Service, Carnegie Mellon Software Engineering Institute (CERT) and Deloitte's Center for Security and Privacy Solutions—found that while many organizations make solid efforts to strengthen their data security, many admit it is becoming increasingly difficult to outpace the efforts of the criminal community.

Perhaps more disturbing, however, is the source of those criminal attacks. According to CSO, “While outsiders (non-employees or contractors) are the main culprits of cybercrime in general, the most costly or damaging attacks are more often caused by insiders (employees or contractors). Outsiders invade organizations with viruses, worms or other malicious code; phishing; and spyware, while insiders most commonly expose private or sensitive information unintentionally, gain unauthorized access to/use of information systems or networks, and steal intellectual property.”

If internal breaches are not the majority of incidents, should we then pay less attention to them? Apparently not. According to CSO, Dawn Cappelli, technical manager for the Threat and Incident Management division of the Software Engineering Institute CERT Program, said insider attacks continue to be seen as a bigger problem than anything that might come from the outside—and are more costly to boot.

The survey found that insiders most often use their laptops or copy information to mobile devices as a means to commit electronic crimes against their organization, the report adds. Respondents suggested that data is often downloaded to home computers or sent outside the company via e-mail.

So where does that leave us in our insurance enterprises? It’s one thing to acquire and maintain the latest anti-intrusion technology, and to clamp down on security-averse practices like allowing employees to visit questionable websites, but it’s quite another to try to sniff out the likely perpetrators of malice within one’s own walls.

If your company’s technology is already there in terms of being up-to-date, then the solution is not a technological one, but a human one. One must ask: Who within your gates is likely to commit such a crime—that is, who would have the means, the motive and the opportunity? The means and opportunity part would seem to point to your IT people, but don’t forget other executives and technicians who may also have access. In fact, it really doesn’t take much sophistication for almost anyone to copy confidential data to a thumb drive and walk out the door with it.

So when push comes to shove, one must carefully consider those who would have a motive. The inevitable “disgruntled employee” comes to mind, but then there are many such individuals, whether they remain with companies or depart from them, who never commit data thievery. The recently discharged employee sounds like a more logical choice, yet by the time he or she is jettisoned, the information may already have been pilfered.

In the end, when we try to put together a list of likely suspects within our own walls, we are—at best—speculating. So rather than trying to predict the future, perhaps we are better off being sensitive to those who we know are disgruntled so that we can at least attempt to work out whatever grievances they may have. In other words, let’s talk to them.

Perhaps it’s only my counselor side coming out, but it seems to me that those who are treated fairly in this manner are much less likely to swipe critical data because their motives will be less significant, or perhaps done away with altogether. At least they will know you cared enough to try and make things better, and maybe that will make the difference between an angry thought and a criminal action.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.
