Funding not following concerns about insider threats.

• Author: Magnuson, Stew
• Position: Homeland Security News

Spies, disgruntled workers and intellectual property thieves have always been a problem in both government and private sector organizations.

The Edward Snowden scandal and Julian Assange's WildLeaks organization have brought to the fore the problem of "insider threats" as never before.

Congressional hearings, conferences and newspaper articles have all raised awareness, but a recent survey found that despite the hand-wringing, organizations are not putting resources toward the problem. "People are now trying to get a better understanding of the insider threat problem, but one thing that is not happening yet, and its the case for government and commercial [sectors] alike, is that the budgets seem to be lagging,"said Michael Crouse, director of insider threat strategies at Raytheon Co.

Raytheon commissioned the survey to gain a better understanding about industry's awareness of the problem, he said. The survey report,"Privileged User Abuse and the Insider Threat,"was derived' from the polling of 693 info-tech managers and was conducted by the Ponemon Institute, a research and consultancy film.

Respondents said they were aware of the problem and that they want to be more proactive when it comes to insider threats, but the survey indicated that this is mostly talk, Crouse said. "The budgets haven't caught up to that awareness and thinking yet,"he said.

"People are really fighting for every dollar. And when they are fighting for every dollar; they really have to fight for new requirements, and they have to ... be able to show the return on investment,"he added.

It is easier to show that return on investment when it comes to thwarting external threats such as foreign hackers, he said.

The high profile WildLeaks and Snowden cases are prompting some companies and agencies to put together insider threat programs, he said.

Insider threats generally come in three categories. Data gathered by the Carnegie Mellon computer emergency response team show that the most common is information technology sabotage at 41 percent of incidents. That is followed by fraud for personal financial gain at 26 percent and theft of intellectual property at 20 percent. The remaining 14 percent are miscellaneous.

One example of a miscellaneous threat would be the case of an info-tech employee who was paying someone overseas to do his work for him.

"That is an insider threat. Giving someone access to a company's information,"he said.

It is difficult to quantify how prevalent...