IT security folks often say that, while they can spend time protecting systems from external attacks, the biggest risk to a company’s information security is from the inside, from people who get spear-phished or who gleefully and expectantly plug in the USB stick labeled “Executive Comp details” they found in the company garage, only to upload malware or a virus to the system.
Or Edward Snowden, a systems analyst. Or Pfc Bradley Manning.
And most internal fraud is discovered because of a disappointed mistress or ex-wife/husband.
What made me think of that?
“J.P. Morgan Insider Aids U.S. Probe,” Wall Street Journal, October 1, 2013 C1 http://on.wsj.com/GzM0Hh Author (and cooperating witness) wrote an email pointing out to her superiors that the value of mortgage securities was vastly overstated versus what the company subsequently led investors to believe.
While she may have stunted her career growth at JPM, she may have a rewarding new career on the speaking circuit. Remember Sherron Watkins from Enron?
If you’re doing bad stuff, don’t assume everyone will be on board.