• E-mail this page
• |  Print this page
• | 
• | 
• | 

Let Us Predict

What has started to change is the prioritization of certain aspects of compliance management. And one of those priorities is a renewed focus on internal threat management as opposed to circling the wagons at the perimeter hoping for a good night's sleep. And that leads us to Prediction No. One: The shift to internal threat threat monitoring.

In our most recent poll we asked whether external or internal security breaches were potentially the most damaging to an organization. Only 19 percent of respondents indicated external threats were the most damaging. Another 29 percent said external and internal threats were harmful in equal measure. And 52 percent of the respondents felt internal breaches were potentially the most damaging.

This foretells a big shift in the way we secure corporate data and monitor employee behavior. In fact, monitoring employee behavior to prevent non-compliance could become one of key factors in managing risk in 2006.

The reason internal threats are so problematic is that they are near impossible to detect unless you have policies and detection systems in place. The other problem is that a high percentage of internal infractions are essentially accidents rather than malicious attacks. Sloppy e-mail and messaging habits, and non-existent data protection inside the firewall can lead to inadvertent information leakage that causes just as much harm as a full-blown external security incident.

Several vendors have started focusing on internal threat management and several more have added internal monitoring to existing security and compliance monitoring systems that previously focused on inbound and outbound infractions.

We recently saw LogLogic and Counterpane Internet Security have teamed up to deliver managed compliance services that include real-time forensics capabilities to respond to security incidents, compliance inquiries and internal threats.

For organizations that maintain business critical information on mainframe computers, we saw e-Security roll out its Sentinel Mainframe Connect add-on module for its Sentinel 5 enterprise compliance monitoring system. Sentinel Mainframe Connect monitors compliance events directly from mainframe computers and, used with Sentinel 5, correlates the information with other IT security and compliance events across the organization.

We also see systems that monitor user behavior for data usage violations like Consul Risk Management Inc.'s InSight Suite 6.0 which monitors, report on and investigate malicious and accidental violations.

Similarly, database tools vendor Embarcadero Technologies leveraged its acquisition of SHC Ambeo Acquisition Corp. with Ambeo's Activity Tracker, a database-auditing mechanism that monitors all user activity in real time, and Usage Tracker, which provides historical statistics on how data is being accessed and used.

In addition we are seeing a shift in the way e-mail and instant messages are managed for compliance to include archiving of internal messages that never leave the confines of the enterprise.

In all, this points to a very necessary next step in compliance management, and one that will get much more attention in 2006. Once you are able to keep the foxes out of the henhouse, and keep the hens from flying the coop, what do you do when the hens start working for the foxes?

« EBay Hears And Sees No Evil, It Just Sells It | Main | Too Much Time »