Title :
Combating the Insider Cyber Threat
Author :
Greitzer, Frank L. ; Moore, Andrew P. ; Cappelli, Dawn M. ; Andrews, Dee H. ; Carroll, Lynn A. ; Hull, Thomas D.
Author_Institution :
Pacific Northwest Nat. Lab., Richland
Abstract :
The penetration of US national security by foreign agents as well as American citizens is a historical and current reality that´s a persistent and increasing phenomenon. Surveys, such as the e-crime watch survey, reveal that current or former employees and contractors are the second greatest cybersecurity threat, exceeded only by hackers, and that the number of security incidents has increased geometrically in recent years. The insider threat is manifested when human behavior departs from compliance with established policies, regardless of whether it results from malice or a disregard for security policies. In this article, we focus on the need for effective training to raise staff awareness about insider threats and the need for organizations to adopt a more effective approach to identifying potential risks and then taking proactive steps to mitigate them.
Keywords :
computer crime; government policies; national security; training; E-Crime Watch Survey; cyber threat; cybersecurity threat; hackers; insider threat; national security; security incidents; security policy; staff awareness; Computer security; Humans; Laboratories; Management training; National security; Predictive models; Research and development; Software engineering; Systems engineering education; Watches; CERT; Education; Merit Interactive; attack; insideer attack; threat mitigation; training;
Journal_Title :
Security & Privacy, IEEE
