A former CSIS exec explains the ‘lone wolf’ effect on IT security

At the recent SecTor conference, Ray Boisvert discusses the kind of attacker that’s likely to strike organizations, and what they should do


In a recent keynote at Toronto’s SecTOR security conference, Ray Boisvert warned that the “lone wolf” assailant is the toughest threat to manage.

At SecTOR, Boisvert talked about how dramatically the security game has changed. When he joined the Canadian Security Intelligence Service (CSIS) in 1984, “it really was about the classic spy vs. spy,” he said, with nations gathering intelligence about other nations as well as organized terrorist groups.

Another “lone wolf” phenomenon is also threatening IT security, said Boisvert. He pointed out that IT is actually making it easier for one person (like WikiLeaks founder Julian Assange) to divulge the secrets of corporations, institutions or entire countries on a massive scale using the Internet. When it comes to threats being homegrown, Bradley Manning and Edward Snowden weren’t just Americans; they attained some of the highest U.S. security clearance privileges you can get.

How can your organization protect its network from falling prey to this type of ‘inside job’? The SecTOR audience got some pointers from Boisvert, who became assistant director of intelligence at CSIS and is now president of I-SEC Integrated Strategies in Toronto.

Look inward: Don’t just focus on what Boisvert calls “the perimeter fence,” i.e., your firewall and antivirus software. If you worry too much about keeping bad stuff out, you’ll miss the threats already lurking from within your own organization, including one rogue employee.

… and outward: Monitor social media to see what competitors, enemies and even your own staff are saying about your organization. That includes tiny corporate or personal details that could make your company’s data or executives vulnerable.

Be proactive: Assume your network has already been compromised. Be alert and vigilant all the time.

Be clear: Set out “a clear vision, a clear set of requirements and a clear set of processes” for everyone in your organization to follow when it comes to security, said Boisvert. Let people know what’s expected of them.

Talk about it: Be open with security colleagues about your firm’s own mistakes and challenges. It will generate more ideas you can use to solve those problems.

Protect IT with IT: To detect anomalies in your network both internally and externally, you’ll have to deal with huge amounts of data in real time, Boisvert said, “and the only way you’re going to do that is with advanced analytics.”

Build trust: Keep verifying the loyalty of your employees from time to time “but be very careful not to create an oppressive work environment,” Boisvert advised. “People have to feel like part of your organization.” If they don’t, he said, “they may, in fact, hurt you now or hurt you later.”

 

Comments are closed.