As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Charlie Platt, a director at iDiscovery Solutions and a Certified Ethical Hacker. He advises clients on data analytics, digital forensics, and cybersecurity.
At the airport recently, waiting for boarding, flipping through an issue of United States Cybersecurity Magazine, an article about detecting insider threats caught my eye. It was loosely based on a list of behaviors it claimed were ideal indicators for detecting insider threats. I thought, “Wow, this is great! I know plenty of clients who could benefit from this information.” Insider threats are difficult to detect, and I was excited by the opportunity to get new insight, but I became more and more distraught as I read on. The longer I read, the more I saw myself, and many of my cyber-colleagues, being described by the author’s so-called threat indicators. How could we, the good guys, be mistaken for threats?
I read through the list again, and for each point, I asked, “Is this a reliable indicator of a real threat, or a false positive?” I’ve provided the entire list below with my thoughts on each item. Continue Reading Great Employee or Insider Threat?