The nature of security often means it must be cloaked in secrecy. Organisations don’t want to talk about their approach to keeping digital assets safe, as the thinking goes that the more information that is out there, the more vulnerable they are.
This means that a lot of security professionals can feel like they are working in a bit of a vacuum. Security is never going to have the same kind of knowledge sharing economy that other areas of IT, or indeed business in general, have. The opportunities for security professionals to discuss their strategy, or even just broader opinions about the job they do, is rarer than it is for other disciplines. This issue can be magnified for IT professionals for whom security is just one aspect of their job, as it means it is always the one they are least able to discuss.
In the area of insider threat especially, many IT and security professionals are not at ease discussing the behaviours of their own users, or how they manage internal processes.
That is why we have produced ‘The insider threat peer report’. We found a few senior IT and security professionals, working in diverse industries spanning education, government, FMCG, finance and health, to tell us a bit about their views on internal security.
This report is not about case studies, or an in depth look into any of these organisations’ security strategies. It is a rare opportunity to get insight into the views and opinions of your peers on the topic of insider threat.
Who is quoted in this report?
All quoted contributors to this report are IS Decisions customers, spanning industries from education to finance, pharmaceuticals to FMCG.
IT Security team lead, University of Auckland
Vice President, Forreston State Bank
IT Manager, Bellicum Pharmaceuticals
IT Manager, The Scenic Route
Cyber Security Analyst, Criterion Systems
IT Manager, Undisclosed
Support Coordinator, Moet Hennessy do Brasil