An update to the Insider Threat Likelihood Rating
Or: Wholly Scary, Batman!
Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . .

When I gave my talks about the insider threat, I saw the looks on several persons faces as they thought, “not me.” I get that sentiment, I think that about every one of our employees here at infotex.
But the threat is real:
All you have to do is read the latest on LAPSUS$. The cusp, to me: The graphic on this article. It’s an ad, looking to recruit insiders.
It happens. And it can happen to ANYBODY. But if you are “any company providing telecommunications, a large software provider or gaming company, a call center, or a server host, you can make lots of extra money on the side.
Thus: the APT is a given. Thus, we assume breach in Zero Trust. Thus, the insider threat is real.
Original article by Dan Hadaway CRISC CISA CISM. Founder and Managing Partner, infotex
Dans New Leaf is a fun blog to inspire thought in the area of IT Governance.