Following the news that CIA are in the midst of a search for an insider who is suspected to have leaked last month’s information to Wikileaks. The agency said the material was stored in a highly secured location but that hundreds of people would still have had access. Piers Wilson, Head of Product Management at Huntsman Security commented below.
Piers Wilson, Head of Product Management at Huntsman Security:
“Whether individuals view this as the righteous act of a whistle-blower and a victory for free speech, an act of blatant treason, or something in-between, at its heart it is a failure of access controls and monitoring. The fact that an organisation built around a culture of confidentiality, with a high degree of security knowledge and employee screening, and which has suffered breaches in the past, can still fall victim to insider attacks is a reminder to organisations of any size, in any sector.
Fundamentally, users in any position will need access to data in order to do their jobs, meaning a determined leaker will always have the opportunity to misuse this access. In such a situation, prompt detection and response are at least as important as preventing that leak in the first place. Not only should a user have no access to data beyond what they need; if they somehow do access that data, or perform any unusual activity with that information they can access can access, alarm bells should ring loud and clear.
However, best practice means more than identifying potential threats. Any responsible organisation should have mechanisms to allow whistleblowing and reporting of issues as part of its normal governance structures, and ensuring that any reports are dealt with correctly and appropriately. When ethical boundaries are crossed staff should have a way to flag these safely and trust that action will be taken, rather than feeling they need to resort to potentially criminal activity.”