http://bit.ly/dUkonx
http://www.linux.com/news/technology-feature/security/397143:top-five-insider-attacks-of-the-decade Final Word Much of the press coverage given to computer security is focused on external attackers — for a number of reasons. Internal attacks may never be discovered, or reported if they are. Unless a company is required to disclose a breach, it may choose to deal with the attacker by firing, disciplining, or tightening up security to keep former employees out. Many external attacks are wider scale and draw more attention. And, unlike insider attacks, are probably more likely to be reported to the authorities — which also draws the attention of the press. Most employees are not out to harm their employer. However, there's no way to ensure that's the case with all of an organization's employees — so the best practice is to be cautious and take the appropriate steps (see SANS Protecting Against Insider Attacks (PDF) to mitigate and detect insider attacks). http://www.sans.org/reading_room/whitepapers/incident/protecting-insider-attacks_33168 _______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
