New book suggests IT security managers look within for threats

Published 13 September 2006

Enemy at the Water Cooler” looks at consultants, vendors, and former employees as threats; greed and disgruntledness common motives for treachery

Enemy at the Water Cooler. The book’s title seems a cross between Who Moved My Cheese and The Shining. The intent, certainly, is to scare — and why not? According to author Brian Contos, the biggest threats to a company’s IT security originate from within. Former employees, unscrupulous cosultants and contractors, vendors, and even cleaning crews may have wide access to the company’s IT secrets without also possessing the institutional loyalty the company expects from its workers. Not all begin their relationship with the company in bad faith. Most nefarious insiders, Contos explains, begin their work inocently enough, but greed and disgruntledness divert them from the straight and narrow path. Others simply make mistakes, having no malicious motive, but their actions nonetheless have serious consequences. Contos argues that these threats are not only the most dangerous, they are also the most difficult to defend against.

-purchase Enemy at the Water cooler from Amazon