Breaches do not just happen. Breaches are committed. They are committed by determined people and facilitated by a lack of measures in one of the areas introduced in Part 1 (people, processes and technology). In this chapter, we will be taking a detailed look into the motives of people who have committed breaches, and into the basic reasons why they were able to succeed. An in-depth analysis of the author’s archives has shown that all motives can be narrowed down to four basic ones, all of them very, very human: greed, despair, a disgruntled employee seeking revenge and too lazy to remain honest, or the desire to gain an unjust business advantage. Let’s look at these in more detail.


A very basic human motive, ...

Get Managing Information Security: Studies from real life now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.