The increasing incidence and serious nature of internal threats to the security of corporate information is well demonstrated by the recent need for Cable & Wireless to injunct a former executive to hand a 100,00-strong customer database back to her former employer. While the former executive denies the allegation, the BBC has established that the database is being used illegally by Pakistan call centres.
An effective information security management system (ie an ISMS in line with ISO27001) would have identified this risk and guarded against it. Identifying, investigating and responding to this sort of white collar corporate crime will increasingly be part of the ISMS operation, which is why we have just added a selection of useful books on White Collar Crime and Computer Forensics to our website.
We expect more stories of this sort.