Paying More Mind to Malicious Insider Seeking Out Employees Bent on Destruction
Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.

"The cases where I see the most harm is where somebody really wanted to hurt the corporation, not just the accidental release" of information, says Ryan, managing director at Kroll Advisory Solutions cyber investigation practice, in an interview with Information Security Media Group. "The accidental release may be embarrassing, [but the] level of compromise or destruction caused by somebody who intentionally wants to do that is usually far greater."

In the interview, Ryan:

  • Explains why the insider threat is more damaging than many other risks an organization's IT systems face;
  • Describes how the race to the cloud and new technologies heighten the threat from insiders;
  • Suggests ways organizations can minimize the insider threat.

Before joining the risk mitigation and response advisory firm Kroll in August, Ryan supervised the FBI's largest cyber squad in the United States, leading investigations involving corporate espionage, advanced computer intrusions, denial of service, insider attacks, malware outbreaks, Internet fraud and theft of trade secrets.

From 2009 through 2010, Ryan served as acting director of the FBI's New Jersey Regional Computer Forensic Lab, one of the nation's largest, state-of-the-art digital forensic laboratories. He also conducted computer forensic examinations as a member of the FBI's Computer Analysis and Response Team.

Around the Network