I just finished a presentation on Insider Threats for Dark Reading. This is a subject that I've been closely involved with for years. Times have really changed. Five years ago, a lot of time was spent trying to explain the issue and why people should care, and generally evangelizing it. We've grown up. People get it. Now we're getting into more of the psychology of the insider: what makes them tick, how to prevent the incident (from a non-technical perspective), and what technologies can be used. Another hot topic is process around insider threats. How do we deal with an incident once it has occurred? Who manages it: IT, Legal, HR, or a team drawn from all of these with executive sponsorship?
It's great to see that, in terms of people, process, and technology, people understand that while technology can help, especially by leveraging machine-based analysis to augment human intuition, the processes required to be effective are equally critical.
I mentioned in my presentation that the term "insider" is losing its meaning. I truly believe this. As more people have more access to sensitive data, more easily and in more ways than ever, it is becoming less important whether your access point was a cubicle, a VPN, or simply a Web portal. What matters today is very simple: people interacting with sensitive data.
If we agree that data is valuable and data mostly resides in databases, and we also agree that most users interact with that data via Web applications, then prudence dictates that safeguards be applied at the Web application and database layer.
This is why the Imperva SecureSphere Web Application and Database security/audit solutions play such a critical role in mitigating nefarious insider activity.
