ABSTRACT
Many diverse groups have studied the insider threat problem, including government organizations such as the Secret Service, federally-funded research organizations such as RAND and CERT, and university researchers. In addition, many industry participants are interested in the problem, such as those in the financial sector. However, despite this interest, no consistent definition of an insider has emerged.
Supplemental Material
Available for Download
Slide presentation for "Defining the insider threat"
- Matt Bishop. Position: Insider is relative. In Proceedings of the New Security Paradigms Workshop, 2005. Google ScholarDigital Library
- R. Brackney and R. Anderson. Understanding the insider threat: Proceedings of a march 2004 workshop. Technical report, RAND Corporation, Santa Monica, CA, March 2004.Google Scholar
- J. Patzakis. New incident response best practices: Patch and proceed is no longer acceptable incident response. Technical report, Guidance Software, Pasadena, CA, September 2003.Google Scholar
Index Terms
- Defining the insider threat
Recommendations
Insider Threat Assessment: a Model-Based Methodology
Security is a major challenge for today's companies, especially ICT ones which manage large scale cyber-critical systems. Amongst the multitude of attacks and threats to which a system is potentially exposed, there are insider attackers i.e., users with ...
Comments