Ten Tales of Betrayal: The Threat to Corporate Infrastructure by Information Technology Insiders Analysis and Observations

Shaw, Eric; Fischer, Lynn

doi:10.21236/ada441293

Cited by 42 publications

(64 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Shaw and Fischer (2005) noted that most of the threats in their study could have been prevented by timely and effective action to address the anger, pain, anxiety, or psychological impairment of perpetrators, who exhibited signs of vulnerability or risk well in advance of the crime: [Shaw and Fischer, 2005, pp. 41-43] To date, no systematic methods have been used to evaluate psychosocial behaviors that can predict increased risk for insider threats.…”

Section: Relevant Researchmentioning

confidence: 99%

“…Workman (2009b) observes that "When attitudes are negative about surveillance, employees are less likely to be committed to their work, they display lower organizational citizenship behaviors, and in some cases resort to furtive means of retaliation against management and the organization" (p. 348). In some cases management intervention on suspected employee disgruntlement issues may actually increase an employee's frustration level (Shaw and Fischer, 2005). On the other hand, lack of monitoring due to inflated or unjustified trust can also produce adverse effects.…”

Section: Privacy and Ethical Issuesmentioning

confidence: 99%

See 1 more Smart Citation

Identifying at-risk employees: A behavioral model for predicting potential insider threats

Greitzer¹,

Kangas²,

Noonan³

et al. 2010

View full text Add to dashboard Cite

SummaryA model was developed to assess employees' behavioral manifestations of a number of psychological and personality predispositions that are hypothesized to indicate an increased risk of insider abuse. This psychosocial model is based on case studies and research literature on factors and correlates associated with behavioral precursors of individuals committing insider crimes. In many of these crimes, managers and other coworkers observed that the offenders had exhibited signs of stress, disgruntlement, or other issues, but no alarms were raised. Barriers to using such psychosocial indicators include the inability to recognize the signs and the failure to record the behaviors so that they can be assessed.The model has been implemented as a Bayesian belief network, designed with the help of human resources staff experienced in evaluating workplace behaviors. We conducted an experiment to assess the agreement of the model's risk assessment output with judgments of human resources and management professionals on the relative insider threat risks of a collection of sample scenarios. The model exhibited strong agreement with judgments of the human experts, suggesting that it has potential as a tool to raise an alarm about employees who pose higher insider threat risks. While additional testing is needed, we suggest that combining this type of analysis with more traditional cyber/workstation monitoring tools can ease the processing burden and improve performance of computer-assisted insider threat monitoring and detection.v

show abstract

Section: Relevant Researchmentioning

confidence: 99%

Section: Privacy and Ethical Issuesmentioning

confidence: 99%

Identifying at-risk employees: A behavioral model for predicting potential insider threats

Greitzer¹,

Kangas²,

Noonan³

et al. 2010

View full text Add to dashboard Cite

show abstract

“…In most organizations, insider threats remain statistically rare (Shaw and Fischer 2005). However, if by chance there were to be more than two cases surfacing at the same time, the attending burden would rapidly overmatch the availability of experts on hand to address those cases.…”

Section: Unifying Thread Of Conventional Defensesmentioning

confidence: 99%

Insider Threat: Applying No Dark Corners Defenses

Catrantzos¹

2018

Handbook of Security Science

View full text Add to dashboard Cite

“…There has been much research into the psychology and motivation of insiders, but the hard fact is that it is very difficult to predict who will commit security fraud [5]. As noted by Shaw and Fischer [6], "Eighty percent of the threats could have been prevented by timely and effective action to address the anger, pain, anxiety, or psychological impairment of perpetrators, who exhibited signs of vulnerability or risk well in advance of the crime of abuse." Clearly, prediction of insider adverse actions is a difficult challenge, but the potential payoff in avoiding asset and information loss of major consequence serves to justify further research and development of predictive mechanisms.…”

Section: Threat Prediction and Psychological Indicatorsmentioning

confidence: 99%

AZALIA: an A to Z assessment of the likelihood of insider attack

Bishop

Gates²,

Frincke

et al. 2009

2009 IEEE Conference on Technologies for Homeland Security

View full text Add to dashboard Cite

Abstract-The insider threat problem is increasing, both in terms of the number of incidents and their financial impact. To date, solutions have been developed to detect specific instances of insider attacks (e.g., fraud detection) and therefore use very limited information for input. In this paper we describe an architecture for an enterprise-level solution that incorporates data from multiple sources. The unique aspects of this solution include the prioritization of resources based on the business value of the protected assets, and the use of psychological indicators and language affectation analysis to predict insider attacks. The goal of this architecture is not to detect that insider abuse has occurred, but rather to determine how to prioritize monitoring activities, giving priority to scrutinizing those whose background includes access to key combinations of assets as well as those psychological/other factors that have in the past been associated with malicious insiders.

show abstract

Ten Tales of Betrayal: The Threat to Corporate Infrastructure by Information Technology Insiders Analysis and Observations

Cited by 42 publications

References 10 publications

Identifying at-risk employees: A behavioral model for predicting potential insider threats

Identifying at-risk employees: A behavioral model for predicting potential insider threats

Insider Threat: Applying No Dark Corners Defenses

AZALIA: an A to Z assessment of the likelihood of insider attack

Contact Info

Product

Resources

About