Leveraging Existing IT Resources for Insider Threat Risk Mitigation

Abstract

Detecting observable indicators of insider risk relies heavily on collection and analysis of specific types of data representing user activity on enterprise systems. Some organizations deploy user activity monitoring (UAM) software specifically for this purpose, but others are unable to do so, either for cost reasons, lack of support resources, etc. Here, we demonstrate how organizations may leverage existing IT resources to provide meaningful data for insider threat risk mitigation without deploying a stand alone UAM solution.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2019
Accession Number
AD1084783

Entities

People

  • William Claycomb

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Data Exfiltration
  • Department Of Defense
  • Engineering
  • Guarantees
  • Indicators
  • Insider Threats
  • Materials
  • Monitoring
  • Operating Systems
  • Patents
  • Scada
  • Servers (Computer Hardware)
  • Software Development
  • Task Forces
  • Threats
  • Universities

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Systems Analysis and Design