Former FBI Chief Information Security Officer Patrick Reidy had few laughs at the State Department’s expense during his Black Hat presentation on Wednesday, but he wasn’t foolish enough to come out and say that his agency would have detected an insider threat like Edward Snowden. In fact, depending on how Snowden’s behavior patterns and personal traits lined up with other known threats, spotting his plans might have been impossible.
Someone who knows he’s getting a pink slip on Monday printing off a bunch of stuff on Friday evening? “That’s what we at the FBI call a clue,” Reidy joked. But someone taking a few files here and there, all while technically remaining within his access permissions? That’s like finding a needle in, well, a stack of needles.
Too often, Reidy said, “We take one problem — [like] Snowden — and just generalize it everywhere.”
In the statistical sense of the…
View original post 829 more words