More jerks advocating their wares….I have taught since the mid 1990's that the greatest threat to computer security was the insider. On one hand He/She has access and only need motivation to become hostile. On the other hand, slovenly attitudes allow others, without access but motivation, to take advantage of the insider…..now all of a sudden it seems to be the great revelation…..and somewhat ties into Secrecy News release today about the leaking of information to a news reporter……
Phi Beta Iota: We will not dignify the vendor that inspired Brother DefDog's rant with a mention or link. Yes, the insider can do the most damage. Yes, modest internal measures can be taken (such as CIA finally got around to and DoD still cannot implement because of its decades of out of control cyber-archipelago private gardens). Two major points are still not understood by those who would be cyber-commanders:
1. No amount of tactical diligence can make up for strategic folly. When you have both a global and a domestic governance program that is out of control and obviously against the best interests of the public, this is going to inspire internal leaks that cannot be stopped.
2. Errors and omissions–bad design, bad acquisition, bad management–are made worse by excessive investments in information technology to the detriment of education and embedded human integrity. Paul Strassmann said this, Mich Kabay said this, both in the 1990's, and we still don't get it.