When a person first starts out in the world of being a cyber security expert, they have a different impression then they will have leaving the job.
Their impressions are like most people and it is understandable.
We get our ideas about hackers, and the threat that a computer contains, from Hollywood movies.
They teach you that super smart hackers are able to infiltrate your system in little to no time at all.
They also show that all attacks come from the other side of the planet by either some Russian or Chinese kid.
Security Breaches Often Come From The Inside
In reality, that is only a small portion of the problem when it comes to a company’s network security being breached.
Usually the culprit can be found to be someone who either works there or has been fired recently.
Basically if you have ever seen the movie Office Space then you will have a pretty good idea of how most cyber security breaches happen.
In the movie a disgruntled employee and a couple of his friends find a way to be able to steal money from the company by using a piece of software that they wrote.
This is how a great deal of breaches happen, yet people are mostly focused on protecting the network from users on the outside.
This is very short sighted and can have dangerous consequences.
Dealing With Internal Threats
If you are an IT administrator, or the company’s security expert, then you must realize that you will need to have policies regulating the threat from inside of the network.
There’s needs to be a hierarchy so that only the people who need a piece of information can access it.
Not everyone that works at a company needs to have the power to access every file.
Also third party USB thumb drives and DVD disks should not be allowed on the system.
This is the perfect way to be able to infect a computer that is on the network (see the Conficker virus).
If these types of portable media are allowed, they need to be heavily regulated.
The problems that can occur from one of these devices is astronomical.
Of course guarding your network from threats that are outside of the network is vital in keeping a happy and secured work place.
Keeping that vector of attack safe is a full time job within itself.
But if you are not protecting your network from threats that are inside of it, then you are not doing your job.
Never give your workers 100% complete faith when they are working behind the network.
A worker having one bad day can hurt your company for weeks and maybe even longer.