Why do some people try to breach security of information infrastructure ? Extremely talented, sometimes their works (when nabbed) show signs of genius but most of the time, their core objective all too mundane : money, fame, revenge or simply the ego of any criminal – “I cannot be caught.”
We must understand that machines (at least as of now) do not have these feelings. These feelings can only come to Human beings.
Now, just consider that your stakeholders are human beings. There is a Bengali saying : “সর্ষের মধ্যে ভূত” – there is a legend that mustard seeds are protective against evil spirits (like in Slavic legend, onion is supposed to be protection against vampires ). But what happens if the spirit enters into the very mustard or the very onion.
The ultimate vulnerability is when the very protection which we trust becomes personified threat.
There is no technology here. It is plain human vulnerability.
Sherlock Holmes to Watson, while describing the essence of his greatest rival and almost impenetrably malevolent foe, Dr. Moriarty – “… there are some trees that grow healthy but after sometime, they show eccentricities.”
Your trusted employee, your trusted shareholder, your most trusted gatekeeper can show those eccentricities sometime…. It has happened and will always happen.
A New York Judge convicts a man of Indian origin of sterling reputation till his 65th year (Mr. Rajat Gupta, ex-Mckinsey Chief) and tells :”… History of this this and the world show that good man do bad things.”
Is there any way to know when this terrible shift may happen with a person ?
Yes, there is….
Infocon 2016 will discuss this theme that is almost never questioned.
But we must. How painful and tough the question may be, we must. This silence is a weakness.
The strongest part of a security system, any system is its weakest link.