Insider Threats

Many organizations use in-house web applications and intranet sites for their production software and data sharing. Sysadmins know to install and configure vulnerability scanners, but how many run pen tests on their own network? How many sysadmins pen test a new application in a sandbox before deploying it into production? Cynthia Harvey of ESecurityPlanet.com wrote an article on application security. Some interesting statistics she mentions: at least 77% of custom applications contain at least one vulnerability during their initial scan, and the average cost of a data breach is $3.86 million, or $148 per record stolen. She goes on to state that only “52% of enterprises sometimes do AppSec testing, but most do not consistently.”

Insider threats go undetected in part because organizations never find the vulnerabilities in their own applications. Many insider threats slip past sysadmins, who rely on software or effective controls to meet compliance standards and regulations. Software, however, has its limitations. A human attacker can use post-exploitation techniques to pursue a wide range of goals. Insider threats are a critical subject for businesses and a unique challenge for sysadmins.