ComputerWorld has an interesting article discussing the unauthorized transfer of a company's essential digital assets… commonly called extrusion.
Extrusion has a strange nature that stems from unexpected actions by trusted insiders in an environment assumed to be secure. For this reason, extrusion prevention requires both management and technology controls. This article reviews current best practices in four business control activities: human resources, the internal audit, physical security and information security. The author highlights disconnects in each activity and then recommends corrective action at the end of the article.
With the threats from within being the major focus these days, this article rings true to many a CSO. Have a read and judge for yourself. [Dana Epp's ramblings at the Sanctuary]