Thursday, January 24, 2008

Still believe that insider threat is not that big?

Then read this. The French bank Societé Generale lost more than $7 billion (yes, billion!) because of an internal fraud, commited by a single trader. That's an interesting insider threat case!I found this piece particularly interesting:"Axel Pierron, senior analyst at Celent, an international financial research and consulting firm, was stunned that a trader could be involved in such a massive fraud 13 years after the Barings Bank collapse.

“The situation reveals that banks, despite the implementation of sophisticated risk management solutions, are still under the threat that an employee with a good understanding of the risk management processes can getting round them to hide his losses,” he said."

 I can bet that this case also includes access control and segregation of duties issues. That clearly shows that companies are not properly monitoring their internal environments, not only in a network perspective but also in business applications.

No comments:

Post a Comment