Threat of hacking from the outsiders is a known fact, but some statistics suggest that 65% of the cyber crime is accounted for from within the organizations.
In
the Internet and e-commerce era, all the organizations
are totally dependent on complex information systems
for conducting their businesses. This dependency on
technology makes them vulnerable to computer crimes.
In the cyber economy, the most important assets of
any organization are its data and information resources.
All organizations in general and e-commerce organizations,
in particular, are well aware of this fact and are
taking many security measures to safeguard their interests.
World over, organizations are spending billions of
dollars on information security and related issues.
However, most organizations are catering well for
security threats from outsiders like hackers but surprisingly
not taking the threat from insiders seriously. According
to various studies, though the threat from outsiders
is growing in the recent past, threat from insiders
still accounts for more than 60% of the cyber crimes
committed. By and large the organizations are either
underestimating the insider threat or ignoring the
same under the false belief that there is no such
threat to their organizations. However the proven
fact is that no organization is safe from insider
attacks. At the core, insider threat is more of a
Human Resource Management (HRM) problem than a technological
problem. It deserves an analysis of the phenomena
of insider crime, who all comprise insiders, what
motivates them and various methods insiders follow
to perpetuate the crime and strategies organizations
can adopt to prevent insider crime.
In
any organization, it is the people of the organization,
the insiders, who design the complex information systems.
It is their own people who are operating and maintaining
them. All organizations must realize that the people
who can design and operate the systems can also attack
the systems. And that is what is really happening.
Cyber Crime is also known as Insider Crime due to
the sheer number of such incidents. According to IT
security pundits like Gartner and others, company
insiders account for 60% of all criminal activity
and security incidents. They are of the view that
most of the security managers and Chief Information
Officers (CIOs) are not paying the required attention
to this aspect, which has the potential to adversely
affect the organizational performance. And these observations
are valid. Further, some studies point out that organizations
are adopting new management practices like `Knowledge
Management' which mandate that the organizational
information should be freely available to the employees
for effective functioning. Sharing of information
and organizational networks, relative free access
by employees and other insiders, accrue a number of
benefits to the organization but at the same time
pose a great security threat.
|