Another lesson is that monitoring and reporting systems are “closing the barn door” approaches and that what is needed are real time alerts and immediate blocking of suspicious unauthorized attempts to extricate data. According to the article in the Times, Goldman “caught” Aleynikov when a red flag was raised indicating an abnormal surge of data exiting from its servers. But by then it may well have been too late. The real answer is to prevent the data from getting out in the first place. It is likely that such systems are indeed in place at Goldman, but, even so, Aleynikov appeared to have been smart enough to get around them.
The bottom line is that there are always threats in the form of experts who notice and take opportunities to circumvent protective measures. Perhaps a major part of the solution is indeed to publicize such incidents and the arrest of perpetrators in order to deter others. Let’s hope that such deterrence works. Of course it is the curse of security professionals that we shall never know if anyone will be actually dissuaded from wrongful acts because of this particular event making the news.
Popularity: 12%
