Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase 1

Abstract

In early 2013, researchers in the CERT (registered trademark) Insider Threat Center contacted commercial and government cloud service providers (CSPs) about participating in research to gain a preliminary understanding of implemented administrative and technical controls that they are using to identify and manage the threats posed by insiders. These CSP participants provided frank and meaningful insight about their insider threat management programs and enterprise security practices. This report contains the observations obtained from interviewing the CSP personnel who volunteered to participate as well as an analysis of CSP management of insider threats based on the information obtained in interviews, observations of implemented insider threat controls, and risk considerations.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Nov 01, 2013
Accession Number
ADA592416

Entities

People

  • Greg Porter

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Computer Programming
  • Computers
  • Cyber Threats
  • Cybersecurity
  • Department Of Homeland Security
  • Information Security
  • Information Systems
  • Insider Threats
  • Intellectual Property
  • Mobile Devices
  • Mobile Operating Systems
  • Operating Systems
  • Organizational Structure
  • Personnel Management
  • Security
  • Security Personnel
  • Software Development

Readers

  • Clinical Trial Research.
  • Cybersecurity.
  • Organizational Process Management (OPM).