Title :
Insiders Behaving Badly: Addressing Bad Actors and Their Actions
Author :
Pfleeger, Shari Lawrence ; Predd, Joel B. ; Hunker, Jeffrey ; Bulford, Carla
Author_Institution :
RAND Corp., Arlington, VA, USA
fDate :
3/1/2010 12:00:00 AM
Abstract :
We present a framework for describing insiders and their actions based on the organization, the environment, the system, and the individual. Using several real examples of unwelcome insider action (hard drive removal, stolen intellectual property, tax fraud, and proliferation of e-mail responses), we show how the taxonomy helps in understanding how each situation arose and could have been addressed. The differentiation among types of threats suggests how effective responses to insider threats might be shaped, what choices exist for each type of threat, and the implications of each. Future work will consider appropriate strategies to address each type of insider threat in terms of detection, prevention, mitigation, remediation, and punishment.
Keywords :
computer crime; cyber crime; cyber security; insider action; insider threat; taxonomy; Cyber crime; cyber security; insider threat;
Journal_Title :
Information Forensics and Security, IEEE Transactions on
DOI :
10.1109/TIFS.2009.2039591
