[WEB SECURITY] justifying the focus on insider threat

Bil Corry bil at corry.biz
Mon Aug 17 14:35:35 EDT 2009

Mark Feferman wrote on 8/17/2009 11:50 AM: 
> I couldn't agree with you more...in particular, the need for
> enterprise application development requirements to include things
> like least privilege and thorough logging.

Bruce Schneier has a great post[1] about "five basic techniques to deal with trusted people" in which he explains:

These security techniques don't only protect against fraud or sabotage; they protect against the more common problem: mistakes. Trusted people aren't perfect; they can inadvertently cause damage. They can make a mistake, or they can be tricked into making a mistake through social engineering.

That's a great point - does the cost to catch/mitigate an insider attack differ much from the cost to catch/mitigate innocent and engineered mistakes, since presumably the processes are very similar for both?

- Bil

[1] http://www.schneier.com/blog/archives/2009/02/insiders.html
