January 21, 2009
I don’t know of an IT or InfoSec department that hasn’t spent the last several years being overburdened and understaffed. Companies are restricting planned new hires if not cutting staff outright, and doing away with bonuses and raises. There’s nowhere for disgruntled employees to go anymore, so they stay on staff and fester away. And it isn’t just IT that is feeling the pinch these day, the entire workforce is basically demoralized in recent months. Your insider risk just increased exponentially. How comfortable are you with your risk management and controls? What is a winning strategy to handle this situation?