The Federal Reserve’s internal computer systems’ recent hacking was attributed to “a temporary vulnerability in a website vendor product.” Perhaps.
Likewise, hacking into U.S. government agencies , American industries, financial institution, universities and media, are most often attributed to the vulnerabilities and deficiencies of existing security systems. This in turn creates the impression that the U.S. is loosing its technological edge.
True or false, such impressions cause further damage the U.S. economy. However, a major contributing factor to the surge of cyber attacks on the U.S., the human factor, seems to be overlooked.
What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk, a survey published by California-based Symantec, shows that “most employees don’t worry much about the security of corporate data — and many of them are just fine with stealing it.”
The report’s findings highlighted that
“* 50 percent of employees who left or lost their jobs in the last year have kept confidential corporate data, and 40 percent of them admitted to planning to use that content in their new jobs.
* 56 percent of employees don’t believe it’s a crime to use a competitor’s trade secret information.
* 44 percent think that a software developer who develops source code for a company has some ownership in his or her work and inventions.
42 percent don’t believe it’s a crime to reuse those source codes, without permission, in projects for other companies.”
Ironically, Symantec’s recommendations focus on technical issues, such as, enhanced employee education, stricter enforcement of non-disclosure agreements and employment of advanced protection and monitoring technology, leaving the most important contributing factor — the accountability of the employee — untouched.
Yet, as the survey demonstrated, the quality of security system depends on the people who manage it, not only the machines.
Growing economic uncertainty and declining commitment between the employee and the company, creates perfect opportunities to buy/sell information and access.
We accept the notion that commercial competitors are scouting for such opportunities, but seem reluctant acknowledge similar and most likely better funded recruiting activity by enemies such as China, Iran and others.
Lest we forget, economic incentives have long led to spying, the second oldest profession.
Further Readings: