Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Data leaks happen - then what?
Monday - 1/17/2011, 9:40am EST
Senior Internet Editor
Agencies face cyber threats from all sides now. It's not just outside hackers that pose a threat.
Internal threats can be just as devastating, if not more.
Rodney Joffe, Senior Vice President and Senior Technologist at Neustar, told Federal News Radio the biggest insider threat isn't the technology. "It's almost always a human problem," said Joffe.
Choose your employees carefully. Run those background checks, then make sure you provide training on the impact of losses. "One of the best things that managers can do is to get employees to understand what the real impact is when you lose."
Then, said Joffe, make sure when you have security processes and training in place, "you pound the impact into employees and you make sure that they comply." Joffe said he has repeatedly seen that after a certain amount of time, employees start to take shortcuts, like not locking computers, and managers allow it.
Then there's the idea of slamming the lid down. "I think one of the things you really have to think about as a manager," said Joffe, "is being able to protect the data itself on a need to know basis. I mean we laugh about that in the classified world; 'it's need to know.' But that's really very important. Most data is easily identifiable in terms of who should be aware of it, so restrict who knows about it. Restrict who has access to it. And make sure you keep it like that."
After all is said and done, said Joffe, understand that the best you can hope for is to lessen the threat. "You can have the best background checks in the world, things are going to happen."
You really have to start from the point of view that with everything in place, if you follow all the rules and all the regulations and all the best practices, you will still have leaks. What you really need to do as a manager is, once you accept the fact that one day you will have a leak, you want to make sure you have processes in place to detect the leaks and to mitigate the damage as soon as possible.
Joffe made it clear he wasn't just talking about your network detecting the leaks. "I've yet to see in any of the meetings that I go to where employees who are trusted employees actually get checked for taking equipment or data out of premises. You can't do that. So even though you may have systems internally to detect leaks that go out from a network point of view, you really have to take care of the physical side of it, and the human side of it, and I don't know how you do that."
For more, including why monitoring in the outside world is important, listen to the entire interview at the top of this page.