Proceedings Article
Insider Threat Program Best Practices
Mark D. Guido, Marc W. Brooks
- pp 1831-1839
TL;DR: This paper concludes with descriptions of each of the best practices derived from the model program, meant to be a standalone section that readers can detach and incorporate into their insider threat mitigation program guidance.
Abstract:
Based on experiences with different organizations having insider threat programs, the components needed for an insider threat auditing and mitigation program and methods of program validation that agencies can use when both initiating a program and reviewing an existing program have been described. This paper concludes with descriptions of each of the best practices derived from the model program. This final section is meant to be a standalone section that readers can detach and incorporate into their insider threat mitigation program guidance.
Citations
Journal Article
Insight into Insiders and IT: A Survey of Insider Threat Taxonomies, Analysis, Modeling, and Countermeasures
TL;DR: In this article, a structural taxonomy of insider threat incidents is presented, which is based on existing taxonomies and the 5W1H questions of the information gathering problem.
Journal Article
Motivation and opportunity based model to reduce information security insider threats in organisations
TL;DR: The results of the data analysis show that situational prevention factors such as increasing the effort and risk involved in a crime, reducing the rewards and removing excuses can significantly promote the adoption of negative attitudes towards misbehaviour, though reducing provocations does not have any effect on attitudes.
Proceedings Article
Classification of Insider Threat Detection Techniques
Ameya Sanzgiri, Dipankar Dasgupta
TL;DR: This short paper summarized and classified insider threat detection techniques based on strategies used for detection.
Journal Article
Deterrence and prevention-based model to mitigate information security insider threats in organisations
Nader Sohrabi Safa, Carsten Maple, Steven Furnell, Muhammad Ajmal Azad, Charith Perera, Mohammad Dabbagh, Mehdi Sookhak
TL;DR: The findings show that perceived sanctions certainty and severity significantly influence individuals’ attitudes and deter them from information security misconduct, and subjective norms, perceived behavioural control and attitude influence individuals' intentions, and, ultimately, their behaviour towards avoiding information security misbehaviour.
Journal Article
An assessment of opportunity-reducing techniques in information security
TL;DR: An evaluation of extant opportunity-reducing techniques employed to mitigate insider threats suggests that extant techniques are insufficient and may be used as a proactive mitigation strategy.
References
Book Chapter
A Survey of Insider Attack Detection Research
TL;DR: The challenges of this problem and current approaches and techniques pursued by the research community for insider attack detection are described, and directions for future research are suggested.
Analysis and Detection of Malicious Insiders
Mark T. Maybury, Penny Chase, Brant Cheikes, Dick Brackney, Sara Matzner, Tom Hetherington, Brad Wood, Conner Sibley, Jack Marin, Tom Longstaff
TL;DR: A generic model of malicious insider behaviors, distinguishing motives, (cyber and physical) actions, and associated observables are reported, and several prototype techniques developed to provide early warning of insider activity are outlined.
Book Chapter
ELICIT: a system for detecting insiders who violate need-to-know
TL;DR: In this article, the authors developed an approach for detecting insiders who operate outside the scope of their duties and thus violate need-to-know, based on information from public cases, consultation with domain experts, and analysis of a massive collection of information-use events and contextual information.
Book
Insider Attack and Cyber Security: Beyond the Hacker (Advances in Information Security)
Salvatore J. Stolfo, Steven M. Bellovin, Angelos D. Keromytis, Sara Sinclair, Sean W. Smith, Shlomo Hershkop
TL;DR: The first workshop on Insider Attack and Cyber Security, IACS 2007 as discussed by the authors defined the nature and scope of insider problems as viewed by the financial industry and set an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services.