O'Reilly logo

Enemy at the Water Cooler by Brian T Contos

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Outbreak from
Within—A Financial
Organization
in the U.K.
“I think computer viruses should count as life.
I think it says something about human nature
that the only form of life we have created so
far is purely destructive. We’ve created life in
our own image.”
—Stephen Hawking
Chapter 8
129
424_Wtr_Clr_08.qxd 7/27/06 9:25 AM Page 129
For the most part, when compared to organizations of a similar size in dif-
ferent business verticals, financial organizations in the U.K. are particularly
diligent when it comes to security and monitoring.This doesn’t mean that
financials don’t have their share of problems and well-publicized attacks.They
are a big target from the inside and outside, and because they are in the busi-
ness of trust, security has always has been a chief concern.
The more successful a financial organization is, the bigger target it
becomes. And not just from external threats. More business means more
employees, partnerships, vendors, consultants, and so forth.Thus, the potential
insider threats increase with the size of the organization.
As financial organizations become successful, they also tend to grow
through mergers and acquisitions. Anybody who has been through M & A
knows that it can be difficult for a number of reasons. One of those reasons
being that people begin to wonder if they are going to lose their jobs, be
forced to move, what their new boss will be like, and so forth. In this atmo-
sphere an employee can become angry, even vengeful, and turn into a mali-
cious insider.
One tactical issue sometimes overlooked is connecting the merging orga-
nizations from an IT perspective. With a very large organization and a very
small organization, this isn’t a huge undertaking, but when two substantial
organizations somewhere in between come together, the effort is challenging.
One such organization that I have worked with throughout the years is one
of the biggest financials in the U.K.They have been purchasing other finan-
cials for years and continue to have explosive growth.They were early
adopters of SIM and ESM technology, and they’ve deployed it enterprise-
wide to monitor everything from the largest mainframes to the smallest net-
work switch.
In fact, their ESM is so well integrated that their incident response times
have steadily reduced over the years, making them highly efficient and capable
of leveraging security analysts more strategically. Executives review ESM
reports, and incident response programs involve individuals from legal and
human resources departments; the entire organization has a top-down
approach to security.
www.syngress.com
130 Chapter 8 • Outbreak from Within—A Financial Organization in the U.K.
424_Wtr_Clr_08.qxd 7/27/06 9:25 AM Page 130

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required