Profiling the Inside Attacker
Saw this over at SNN
Some recent figures have shown an increase in percentage of internal vs external attacks. More often the former are the most damaging. Many companies have a hard, outer shell and little to no security on the inside. Data is transmitted in the clear, no access controls are deployed for file systems and applications, there is a lack of encryption, etc. The perimeter defenses will keep some of the bad guys out, but employees of the company often have full access to confidential information. ComputerWorld believes Internal Monitoring is the next wave in IT security and offers a profile of potentially dangerous insiders.
ComputerWorld