CEO Warns Threats are Coming from the Inside

Download our in-depth report: The Ultimate Guide to IT Security Vendors

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Insider security threats pose as much of a danger to corporate networksas hacker attacks. And to make matters worse, IT administrators aren'tdoing enough to guard against these internal threats, according to theCEO of a security start-up.

Don Massaro is the CEO of Reconnex, anetwork security appliance company based in Mountain View, Calif.Reconnex' product is designed to allow administrators to actually seeinformation flowing across the corporate network. And once managers cansee where the traffic is flowing from, as well as where it's going to, theycan plug up both accidental leaks made by innocent employees and theycan weed out employees with malicious intent.

And the threat from someone inside the company is staggering.

In a survey of 138 Fortune 1,000 companies, executives reported lossesbetween $53 billion and $59 billion due to insider attacks. The survey,jointly done by PricewaterhouseCoopers, ASIS International and the U.S.Chamber of Commerce, also showed that 40 percent reported incidents ofknown or suspected losses of proprietary information.

Massaro says IT administrators and CSOs need to focus more on the peoplewithin the walls of their own companies.

Investing his own money in the venture, Massaro started Reconnex in2003. Today, with backing from two VC firms, the company is shippingReconnex G2 Content Analyzer, a network appliance that sits behind thefirewall either on a passive tap, router or switch to analyze objects,rather than packets of information, moving on a network.

A self-described serial entrepreneur, Massaro is no stranger tohigh-tech business. This past May, he was the first to be named ''CEO ofthe Quarter'' by Trusted Strategies, an analyst firm in the securityarena.

In a one-on-one interview with eSecurityPlanet, Massaro discusseswhat he claims will be the next paradigm shift in the security industry-- a shift that he says will save companies millions of dollars infinancial losses.

Q: Your latest venture involves addressing insider security threats.What types of attacks are we talking about?
If you look at major security breaches, most of them start on theinside. Most of them are accidental -- that's to say you have goodemployees who are well intentioned but they make a mistake. As result ofthat, confidential information and intellectual property leak out...Anytime knowledge gives companies competitive advantage, it has afinancial effect on that company sooner or later.
Most instances are accidental but we do have cases where employees arebeing malicious for their own gain to sell proprietary information andeven cases of cyber terrorism.

Q: What is missing from companies' security portfolios?
There are about 700 companies in the security space. Almost all areconcerned with perimeter protection. They're making an assumption thatthe bad person is on the outside and they're trying to protect theirnetwork from that. So products like firewalls, intrusion detectionsystems, virus detection systems, spam filters, authenticationauthorization systems are for perimeter protection. Our product is theopposite of that. We don't replace any of these. We sit behind thefirewall and look at everything moving outside of the firewall. We lookfor any proprietary or confidential information leaving the network.

Q: How does the product work?
We look at the objects moving over the network. We don't care aboutpackets. We care about what's in the PowerPoint, Excel or PDF file. Weanalyze all of those objects flowing out of the network and search forintellectual property being transmitted.

Q: What sort of challenges do administrators face monitoring theirown colleagues?
A company has the right to monitor their network like they have theright to monitor their phones, so it's not a legal issue. But they aresensitive to the fact that they're monitoring their employees. They donotify their people about that. The biggest challenge is identifyingwhat is confidential or intellectual property and what is not...Information is all over the place. We see a lot of source code goingout.

Q: What should a CIO or CSO be most concerned about in terms ofsecurity?
It depends on what industry you're in. If it's financial services, youbetter make sure you're in compliance with the laws out there. Thetechnology companies are doing a lot of outsourcing offshore to Indiaand China, and want to monitor any intellectual leaks out there. So thesecurity hot button really depends on what industry you're in.

Submit a Comment

Loading Comments...