Insider Threat Data Sharing
Abstract
Insider threat is a significant problem for both governmental and private organizations. Individuals can do immense harm with their trusted accesses. To combat this threat, organizations have created departments with trained analysts whose sole purpose is to deter, detect, and mitigate the insider threat. These analysts monitor employees and analyze activities to detect dangerous practices, whether witting or unwitting, and report these actions to supervisors for mitigation. When organizations share insider threat information among each other, it can improve all organizations abilities to deter, detect, or mitigate the insider threat. The challenge lies in merging external and existing data with as little human interaction as possible. This thesis examines the work that takes place in an insider threat department and identifies requirements for a solution that would allow for information sharing between organizations.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 2016
- Accession Number
- AD1029918
Entities
People
- Jeremey J. Sellen
Organizations
- Naval Postgraduate School