Embracing functionality and security
Published in Nikki Robinson, Mind the Tech Gap, 2023
Cognitive limitations are one component for individuals and management to consider in IT and cybersecurity programs, but several other psychological concepts could be integrated into the organization. Behavioral analysis techniques may be used by insider threat programs to identify malicious insiders. But these techniques are applicable to other groups within the organization and can be used to help teams empathize with each other. Behavioral analysis is the study of understanding human behavior with the intention to change or alter bad behaviors, for example, helping someone to understand why they bite their nails and help encourage them to stop (Lahcen et al., 2020). There are many techniques used by behavioral analysts, but of particular interest is identifying and understanding personality types of technical practitioners.
Veracity and Counter Claims
Published in Kevin E. Foltz, William R. Simpson, Enterprise Level Security 2, 2020
Kevin E. Foltz, William R. Simpson
Guidance and policies for insider threat are incomplete as of this time. Insiders may be loyal but careless members of the enterprise, or they may have malicious (nefarious) intentions. For the former, training and some limited mechanisms such as white or black listing are useful. Activity monitoring is primarily for forensics. The nefarious insider may know all of the monitoring and avoid it. Veracity (sometimes called reputation) can provide a measure of susceptibility to co-option or conversion. Due to a number of recent malicious insiders such as Edward Snowden [116], Bradley Manning [117], and others [118], each organization must assess its own insider threat situation. An insider threat is: a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data and computer systems. [119]
Artificial Intelligence for Cybersecurity
Published in Mazin Gilbert, Artificial Intelligence for Autonomous Networks, 2018
Anestis Karasaridis, Brian Rexroad, Pat Velardo
Generally, an insider threat is a person(s) with malicious intent that has access to an organization’s assets. Their objectives may be to steal property, disrupt business, or expose information to the public domain. Some also consider inadvertent impact to organizations that is caused by personnel with authorized accesses as insider threats as well. In other words, if there are insufficient controls in place to minimize the opportunity for personnel to make honest mistakes that impact the business, this too is sometimes considered an insider threat. These threats may be employees, former employees, contractors, or business associates. Finally, if an outside attacker can obtain valid user credentials and log into systems with the appearance of a normal user, the means to detect such a threat has significant overlap with those for an insider threat. An insider threat misuses his/her privileges to perform activities that are not intended to be allowed. The awareness of the threat posed by trusted insiders has greatly increased in recent years because of recent high-profile insider incidents (e.g., Snowden [10] and Manning [11]), where large amounts of very sensitive information have been exposed to the public domain. Information technology and digital assets can allow insider threats to conduct their activities remotely, which may make them feel safer.
Data Loss Prevention from a Malicious Insider
Published in Journal of Computer Information Systems, 2022
Edson Machado de Sousa, Abid Shahzad
Insider threat is related to a combination of technical, behavioral, and organizational issues, which are in most cases acknowledged as an unintentional act. A current or former employee, a user from a partner organization or even a customer could be a malicious insider and can cause damage to data security and privacy. The research findings revealed that CSPs understand an insider threat as a serious data privacy risk. In particular, a malicious insider threat raises a high level of concern regarding the security of key assets. User behavior is identified as the basic driver to plan security strategies against malicious insiders. The results highlight that key assets and user behavior must be under constant monitoring to ensure the privacy and security of CSCs’ data. Concerning mitigating the risk of data loss from a malicious insider, the results reveal Security Information and Event Management and Log Management System as the technologies that CSPs have implemented to detect and analyze insider threat. Endpoint and Mobile Security, Identity and Access Management, and Data Encryption are the latest technologies that CSPs used to deter insider threat. Moreover, administrative measures, policies, and training and awareness mechanisms are normally considered for mitigating malicious behavior.
Exploring Personal and Environmental Factors that Can Reduce Nonmalicious Information Security Violations
Published in Information Systems Management, 2022
Increasingly, behavioral IS security researchers are turning attention to understanding the motivations and inclinations of the human agent (the insider) who continues to be viewed as the root cause of security incidents in organizations (e.g., Crossler et al., 2013; Ifinedo, 2016; Ponemon Institute, 2020; Renaud et al., 2019). Researchers also focus on the insider’s environment (e.g., Cuganesan et al., 2018; Ogbanufe, 2021) to enrich insights. Broadly, many information security incidents flourish because insiders fail to adhere to organizational directives against undesired cyber engagements and practices (Institute, 2012; Ponemon Institute, 2020). An insider, also known as “insider threat”, refers to a part-time worker, a former employee, other business associates, and a current employee who has had or has access to an organization’s IS assets (Posey et al., 2015). Traditionally, “insider threat” has been limited to malicious actions committed by the insider (CISA – US-CERT, 2020). However, four types of insider threats have since been recognized. These include the nonmalicious insider threat (i.e., a careless or negligent insider), malicious insider threat (i.e., an employee with criminal intent), accidental insider threat (i.e., an inadvertent insider), and a credential thief (i.e., impostor risk; Information Security Forum, 2015; Ponemon Institute, 2020). Descriptions of each are noted. A recent report indicated that in 2021 organizations spent an average of $15.4 million annually on insider threats, and 56% of such incidents are linked to negligent insiders (“Ponemon Institute,” 2022).