The InfoSec Blog

Going Rogue

Posted by Anton Aylward

In this article at TechRepublic, Tom Olzak tries to address the issue of insider threat by talking about why your employees might 'go rogue'. I think he completely misses the point by discussing the motivation for spies and convicted traitors. This is a different class of people from those that commit financial fraud and take revenge on employers who they think have wronged them.

Let's be fair: how many of these characteristics would have applied to people like Nick Leeson and Jerome Kerviel, or to rogue traders such as Yasuo Hamanaka at Sumitomo Corporation of Japan in 1998, John Rusnak at the Allied Irish Bank in 2002 (Rusnak was a former currency trader at Allfirst bank), Toshihide Iguchi at Daiwa Bank, Matt Piper of Morgan Stanley, Anthony Elgindy, Thom Calandra and Brian Hunter, never mind the rogue executives at WorldCom, Enron and Parmalat and the many other corporate and accounting scandals that were motivated by greed?

The list on the blackboard in the cartoon doesn't, I think, apply to the 'rogue traders'. It applies only somewhat to the rogue executives but it does apply more comprehensively to the spies and traitors like Ames & Early.

However, Donn Parker's point that (many) white-collar criminals are led into crime by "intense personal problems" makes more sense and also applies to people such as Brian Molony at the CIBC. So I don't think this is a very good article. Donn's observation is more general and more useful than Tom's.

More to the point, Tom's article fails to address its title. It does not address senior management ignoring the business controls that are in place because the people concerned were making a profit (aka greed in high places). It does not address having internal resources where staff can go to get advice about pressing personal problems. Finally, it does not deal with the possible channels for ethics complaints and whistle-blowing. There is nothing here about prevention, only detection, and a very limited form of detection at that.
