It’s been 5 years since Edward Snowden leaked confidential documents to The Guardian and Washington Post before going on the run and eventually entering Russian territory. Ken Spinner, VP at Varonis commented below.
Ken Spinner, VP at Varonis:
Years later, which is ancient history in cybersecurity years, many organizations are still catching up with spotting and stopping insiders from abusing their privileges. Companies are spending millions to develop technology and IP and protecting it with the equivalent of a $5 lock you’d find on a high- school locker. Unless security measures are set up to raise alarms and stop insiders in their tracks, leaks will continue and companies will lose.
Organizations have gotten sloppy when it comes to protecting their secrets. All it takes is one motivated individual to take whatever they can get their hands on. In many cases that can mean thousands, or even hundreds of thousands, of sensitive documents when files are unprotected and open to every single person in the organization. It’s a smash-and-grab without the smash.
Another interesting point is that people remember the likes of big names like Snowden, Julian Assange, and others. The problem is bigger than any one insider or leaker. The last five years have resulted in massive numbers of breaches, yet attribution seems to be becoming an afterthought. Anyone know the names Vladimir Drinkman or Dmitriy Smilianets? Both were sentenced to prison for crimes targeting credit card processors, banks, retailers, and other corporate victims.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.