extended-abstract

Defining the insider threat

Authors:
Matt Bishop

UC Davis, Davis, CA

UC Davis, Davis, CA
View Profile

,
Carrie Gates

CA Labs, Islandia, NY

CA Labs, Islandia, NY
View Profile

CSIIRW '08: Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges aheadMay 2008Article No.: 15Pages 1–3https://doi.org/10.1145/1413140.1413158

Published:12 May 2008Publication History

CSIIRW '08: Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead

Pages 1–3

ABSTRACT

Many diverse groups have studied the insider threat problem, including government organizations such as the Secret Service, federally-funded research organizations such as RAND and CERT, and university researchers. In addition, many industry participants are interested in the problem, such as those in the financial sector. However, despite this interest, no consistent definition of an insider has emerged.

Supplemental Material

Available for Download

pdf

a15-bishop-slides.pdf (194.9 KB)

Slide presentation for "Defining the insider threat"

References

Matt Bishop. Position: Insider is relative. In Proceedings of the New Security Paradigms Workshop, 2005. Google ScholarDigital Library
R. Brackney and R. Anderson. Understanding the insider threat: Proceedings of a march 2004 workshop. Technical report, RAND Corporation, Santa Monica, CA, March 2004.Google Scholar
J. Patzakis. New incident response best practices: Patch and proceed is no longer acceptable incident response. Technical report, Guidance Software, Pasadena, CA, September 2003.Google Scholar

Index Terms

Defining the insider threat
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Insider Threat Assessment: a Model-Based Methodology

Security is a major challenge for today's companies, especially ICT ones which manage large scale cyber-critical systems. Amongst the multitude of attacks and threats to which a system is potentially exposed, there are insider attackers i.e., users with ...
Read More
Insider Threat: Prevention, Detection, Mitigation, and Deterrence
Read More
Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CSIIRW '08: Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
May 2008
470 pages
ISBN:9781605580982
DOI:10.1145/1413140
Editors:
Frederick Sheldon,
Axel Krings,
Robert Abercrombie,
Ali Mili
Copyright © 2008 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 12 May 2008
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- extended-abstract
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 76
  Total Citations
  View Citations
- 1,958
  Total Downloads
- Downloads (Last 12 months)161
- Downloads (Last 6 weeks)15
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Defining the insider threat

CSIIRW '08: Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead

ABSTRACT

Supplemental Material

Available for Download

References

Cited By

Index Terms

Recommendations

Insider Threat Assessment: a Model-Based Methodology

Insider Threat: Prevention, Detection, Mitigation, and Deterrence

Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft