Public CIO - December 2008/January 2009 - (Page 18) Threat h How public CIOs can use risk-management strategies to identify high-risk IT users and prevent them from causing problems. Entitlement creep. Orphan accounts. Separation of duty. As much as those sound like terms from a Charles Dickens novel, they’re actually parts of a very modern problem for public CIOs. Each is an issue that contributes to the biggest IT security weak spot in any public or private organization: internal users. For all the attention spent on external hackers, employees and contractors with legitimate access to applications and databases are by far the most serious threat to BY JACKIE GILBERT BY | Insider information security. Nearly half of inside IT users “exhibited some inappropriate or concerning behavior” prior to an incident, according to the January 2008 report Insider Threat Study: Illicit Cyber Activity In the Government Sector by the U.S. Secret Service and Carnegie Mellon University. More than 85 percent of incidents were committed by staff with authorized access to IT systems, and 69 percent of the time access control gaps helped the insider abuse the system. TECHNOLOGIES SAILPOINT McKEITH ILLUSTRATION TOM [18]
Table of Contents Feed for the Digital Edition of Public CIO - December 2008/January 2009 Public CIO - December 2008/January 2009 Contents Contributors Introduction Tense Times Insider Threat Twenty and Counting Labor of Love Putting Process Into Play Crossover Appeal FastGov CIO Central Security Adviser CIOs Pluck BlackBerry Phones From the Field Straight Talk Public CIO - December 2008/January 2009 Public CIO - December 2008/January 2009 - Public CIO - December 2008/January 2009 (Page Cover1) Public CIO - December 2008/January 2009 - Public CIO - December 2008/January 2009 (Page Cover2) Public CIO - December 2008/January 2009 - Public CIO - December 2008/January 2009 (Page 3) Public CIO - December 2008/January 2009 - Contents (Page 4) Public CIO - December 2008/January 2009 - Contents (Page 5) Public CIO - December 2008/January 2009 - Contents (Page 6) Public CIO - December 2008/January 2009 - Contents (Page 7) Public CIO - December 2008/January 2009 - Contributors (Page 8) Public CIO - December 2008/January 2009 - Contributors (Page 9) Public CIO - December 2008/January 2009 - Introduction (Page 10) Public CIO - December 2008/January 2009 - Introduction (Page 11) Public CIO - December 2008/January 2009 - Tense Times (Page 12) Public CIO - December 2008/January 2009 - Tense Times (Page 13) Public CIO - December 2008/January 2009 - Tense Times (Page 14) Public CIO - December 2008/January 2009 - Tense Times (Page 15) Public CIO - December 2008/January 2009 - Tense Times (Page 16) Public CIO - December 2008/January 2009 - Tense Times (Page 17) Public CIO - December 2008/January 2009 - Insider Threat (Page 18) Public CIO - December 2008/January 2009 - Insider Threat (Page 19) Public CIO - December 2008/January 2009 - Insider Threat (Page 20) Public CIO - December 2008/January 2009 - Insider Threat (Page 21) Public CIO - December 2008/January 2009 - Insider Threat (Page 22) Public CIO - December 2008/January 2009 - Insider Threat (Page 23) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 24) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 25) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 26) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 27) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 28) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 29) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 30) Public CIO - December 2008/January 2009 - Twenty and Counting (Page 31) Public CIO - December 2008/January 2009 - Labor of Love (Page 32) Public CIO - December 2008/January 2009 - Labor of Love (Page 33) Public CIO - December 2008/January 2009 - Labor of Love (Page 34) Public CIO - December 2008/January 2009 - Labor of Love (Page 35) Public CIO - December 2008/January 2009 - Putting Process Into Play (Page 36) Public CIO - December 2008/January 2009 - Putting Process Into Play (Page 37) Public CIO - December 2008/January 2009 - Putting Process Into Play (Page 38) Public CIO - December 2008/January 2009 - Putting Process Into Play (Page 39) Public CIO - December 2008/January 2009 - Crossover Appeal (Page 40) Public CIO - December 2008/January 2009 - Crossover Appeal (Page 41) Public CIO - December 2008/January 2009 - Crossover Appeal (Page 42) Public CIO - December 2008/January 2009 - Crossover Appeal (Page 43) Public CIO - December 2008/January 2009 - FastGov (Page 44) Public CIO - December 2008/January 2009 - FastGov (Page 45) Public CIO - December 2008/January 2009 - CIO Central (Page 46) Public CIO - December 2008/January 2009 - CIO Central (Page 47) Public CIO - December 2008/January 2009 - Security Adviser (Page 48) Public CIO - December 2008/January 2009 - CIOs Pluck BlackBerry Phones From the Field (Page 49) Public CIO - December 2008/January 2009 - Straight Talk (Page 50) Public CIO - December 2008/January 2009 - Straight Talk (Page Cover3) Public CIO - December 2008/January 2009 - Straight Talk (Page Cover4)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.