Bishop et al., 2010

A Risk Management Approach to the “Insider Threat”

Type

Journal Article

Year

2010

Authors

Bishop, M., Engle, S., Frincke, D.A., Gates, C., Greitzer, F.L., Peisert, S., Whalen, S.

Publication

Probst et al., 2010

Pages

115-145

Abstract

Recent surveys indicate that the financial impact and operating losses due to insider intrusions are increasing. But these studies often disagree on what constitutes an “insider;” indeed, many define it only implicitly. In theory, appropriate selection of, and enforcement of, properly specified security policies should prevent legitimate users from abusing their access to computer systems, information, and other resources. However, even if policies could be expressed precisely, the natural mapping between the natural language expression of a security policy, and the expression of that policy in a form that can be implemented on a computer system or network, creates gaps in enforcement. This paper defines “insider” precisely, in terms of these gaps, and explores an access-based model for analyzing threats that include those usually termed “insider threats.” This model enables an organization to order its resources based on the business value for that resource and of the information it contains. By identifying those users with access to high-value resources, we obtain an ordered list of users who can cause the greatest amount of damage. Concurrently with this, we examine psychological indicators in order to determine which users are at the greatest risk of acting inappropriately. We conclude by examining how to merge this model with one of forensic logging and auditing.

(Bishop et al., 2010, p. 115-116)

Links

Citation

Bishop, M., Engle, S., Frincke, D.A., Gates, C., Greitzer, F.L., Peisert, S., Whalen, S., 2010. A Risk Management Approach to the “Insider Threat” in: Probst, C.W., Hunker, J., Gollmann, D., Bishop, M. (Eds.), Insider Threats in Cyber Security, Advances in Information Security. Springer US, Boston, MA, pp. 115–137. https://doi.org/10.1007/978-1-4419-7133-3_6


Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.


This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.