Homeland Security Magazine has a very interesting case study on an insider threat involving DirecTV. In this case, the insider was a sort of third-order insider, as they worked for the document management contractor of DirecTV’s law firm.
A few lessons for us infosec professionals from this:
First: The definition of insiders expands as businesses continue to outsource functions which used to be done in-house.
Second: Vendor Risk Management programs need to pay special attention to law firms. These guys are like companies’ confessors; we tell them all of our deepest secrets and rely on them to keep things secret.
Third: Trust no one.