Insider Threat Attributes and Mitigation Strategies

Abstract

Malicious insiders pose a threat to the confidentiality, integrity, and availability of an organization's information. Many organizations look for hardware and software solutions that address insider threats but are unsure of what characteristics to look for in a product. This technical note presents seven common attributes of insider threat cases, excluding espionage, drawn from the CERT Division's database. The note maps the seven attributes to characteristics insider threat products should possess in order to detect, prevent, or mitigate the threat. None of these attributes alone can identify a malicious insider. Rather, each attribute is one of many data points that an organization should consider when implementing an insider threat program.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jul 01, 2013
Accession Number
ADA584005

Entities

People

  • George J. Silowash

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Biomedical
  • Cyber
  • Energy and Power Technologies
  • Ground and Sea Platforms
  • Weapons Technologies

DTIC Thesaurus Topics

  • Computer Crime
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Employment
  • Engineering
  • Information Systems
  • Insider Threats
  • Intellectual Property
  • Malware
  • Network Protocols
  • Operating Systems
  • Security
  • Software Development

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Software Engineering.
  • Systems Analysis and Design