Deriving Candidate Technical Controls and Indicators of Insider Attack From Socio-Technical Models and Data

The insider threat continues to be one of the prime issues facing government entities and organizations across critical infrastructure sectors. This paper seeks to demonstrate how a useful method for extracting technical information from previous insider crimes and mapping it to previous modeling work can create informed candidate technical controls and indicators. This paper also shows current examples of case material and candidate indicators that have been successfully converted into well-received insider threat training modules.

Provided by: Carnegie Mellon University Topic: Security Date Added: Jan 2011 Format: PDF

Find By Topic