Reconnex delivers accurate protection against known data loss and provides the only solution that automatically learns what your sensitive data is as it evolves in your organization.

Growing Problem Can Lead to Economic Harm and Legal Liabilities if Not Dealt With, Says Author Dan Verton

MOUNTAIN VIEW, Calif., August 1, 2005—Although most people believe identity theft is perpetrated by hackers from outside an organization, malicious or careless insiders can pose an even greater risk. In The Insider: A True Story, author and security expert Dan Verton reveals not only the extent of that risk but also the harm that identify theft causes to corporations and to the U.S. economy. Verton provides real-life examples of insider ID theft, discusses the legal requirements for identity protection, and shows how the latest security technologies can prevent malicious insiders from transmitting sensitive information outside the organization. The Insider: A True Story, published by Llumina Press, is available from on-line retailers such as www.amazon.com and www.barnesandnoble.com and at bookstores across the U.S.

"A stolen credit card number is worth only about $5, but an insider who steals tens of thousands of them can sell them for hundreds of thousands of dollars—or use them to purchase millions of dollars of merchandise," said Verton. "Individuals are hurt when identities are stolen, but so are corporations. They suffer a loss of customer confidence, they incur the expense of alerting their customers to the theft, and a drop in share price can result in shareholder losses in the millions."

Among the cases Verton discusses is one of the largest known incidents of insider ID theft in the U.S., which occurred at Teledata Communications Inc. A help desk employee stole the identities of up to 30,000 people by using confidential passwords and subscriber codes from Teledata customers such as banks to access and download credit bureaus reports. The scheme, which went undetected for more than two years, enabled the employee to obtain credit cards in the names of people whose identities were stolen.

"Laws such as the Gramm-Leach-Bliley Act and California’s S.B. 1386 privacy statute make the corporation responsible for the security of personal information and for reporting security breaches," Verton said. "Yet as the case histories in The Insider show, many companies—perhaps most—don’t have the security systems, policies, and procedures that enable them to detect and prevent the transmission of private information outside of the organization. As a result, these companies may find themselves at risk of legal action."

Risk Assessments Reveal Extent of Insider Threat

While writing The Insider: A True Story, Verton conducted extensive research at Reconnex Corporation, whose iGuard content-monitoring security appliance has the unprecedented ability to analyze all content flowing over an enterprise’s network. The Reconnex iGuard empowers enterprises to know what personal data—whether in the form of credit card or social security numbers, medical records or patient data—is leaving the network and who is transmitting it. The iGuard thus enables organizations to guard against accidental or malicious threats to network security from insiders.

"By analyzing terabytes of blind data statistics from the over 100 Reconnex iGuards deployed to date, we’ve found that information on tens, hundreds, or even thousands of individuals is leaving enterprises’ networks every single day," said Donald J. Massaro, president and CEO of Reconnex. "Executives need to recognize this threat and secure this data before their business is damaged or destroyed."

About Dan Verton

In addition to The Insider: A True Story, Dan Verton wrote the highly acclaimed book Black Ice: The Invisible Threat of Cyber-Terrorism (McGraw-Hill, 2003), endorsed by some of the nation’s top experts as one of the best descriptions of the terrorist threat to critical cyber infrastructure to date. He has presented his research on cyber-terrorism to the Department of Homeland Security, the U.S. Secret Service, The Air Force War College, and to other organizations as well as to colleges and universities. Verton is a former Marine Corps intelligence officer.

About Reconnex

Reconnex is the leading provider of enterprise risk management (ERM) systems that reveal and address the insider threat to compliance risks, competitive risks, corporate governance risks, and critical infrastructure risks. Reconnex enables Fortune 1000 companies, government organizations, and smaller healthcare and financial services companies to protect their brands, shareholder value, and mission critical operations by revealing hidden risks in the first 48 hours of deployment. Without exception, every deployment has enabled these organizations to quickly remediate the risks that could have damaged or destroyed them.

Give us two days, you’ll know™ . Call Reconnex today at 1-866-940-4590 or visit us on the web at www.reconnex.net.

“I can now sleep at night, because I know exactly where our sensitive customer and account information is going.”

Jeff Karafa
Senior Vice President and Chief Financial Officer
Community Bank
Dearborn, Michigan