As Mr. Dembin stated in Part 1, disgruntled employees and recently separated employees prove to be one of the biggest threats to a business' information security. This makes sense considering the fact that employees (in most cases) have direct access to sensitive information and systems. If you've been through any kind of job interview recently, your employment was most likely contingent upon passing some sort of drug screen and background check. This is why the last part of our Q&A session focused on security issues within the small business environment.
BH: In the small business environment, finances are often tightly controlled. In your opinion, what is the most important security feature a business should invest in? An antivirus suite, firewall, drive encryption software, etc.?
MD: Careful vetting of prospective employees.
BH: It's my understanding that sexual offenders must register as such and as a result often have restrictions placed upon them regarding employment, residence selection, etc. Are repeat cyber crime offenders held to any restrictions? For example, are they prevented from purchasing service from an ISP or components to build a computer?
MD: Typically, cybercrime offenders have their access to computers and the Internet restricted and subjected to monitoring.
BH: When evidence is in an electronic format (i.e. emails, text messages, etc.) is it stored in a secured environment on encrypted drives to prevent tampering? If not, how is this type of evidence usually handled?
MD: Typically the evidence is stored on electronic media to which access is physically controlled. When first obtained, copies are made to use for analysis. The originals, after copying or imaging is complete, are not touched again unless some issue is raised regarding authenticity.
BH: In your estimation, what are the biggest information security challenges that businesses will face in the near (and distant) future?
MD: A. Secure deletion/storage of personally identifiable information.
B. Depending upon the business, targeted attacks for trade secrets or other valuable information using zero-day exploits at the application layer and advanced social engineering.
My intention is to schedule a follow-up interview sometime in the near future. So check back often for that. And finally, I'd like to take this opportunity to thank Mr. Dembin for his willingness to share his knowledge and experience with BrightHub!