A critical reflection on the threat from human insiders--its nature, industry perceptions, and detection approaches

Tools

Nurse, Jason RC; Legg, Philip A; Buckley, Oliver; Agrafiotis, Ioannis; Wright, Gordon; Whitty, Monica; Upton, David; Goldsmith, Michael and Creese, Sadie. 2014. 'A critical reflection on the threat from human insiders--its nature, industry perceptions, and detection approaches'. In: International Conference on Human Aspects of Information Security, Privacy, and Trust. Heraklion, Greece 22 - 27 June 2014. [Conference or Workshop Item]

Preview

Text
Nurse22014_paper.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial.
Download (183kB) | Preview

Official URL: http://www.springer.com/us/book/9783319076195

Abstract or Description

Organisations today operate in a world fraught with threats, including “script kiddies”, hackers, hacktivists and advanced persistent threats. Although these threats can be harmful to an enterprise, a potentially more devastating and anecdotally more likely threat is that of the malicious insider. These trusted individuals have access to valuable company systems and data, and are well placed to undermine security measures and to attack their employers. In this paper, we engage in a critical reflection on the insider threat in order to better understand the nature of attacks, associated human factors, perceptions of threats, and detection approaches. We differentiate our work from other contributions by moving away from a purely academic perspective, and instead focus on distilling industrial reports (i.e., those that capture practitioners’ experiences and feedback) and case studies in order to truly appreciate how insider attacks occur in practice and how viable preventative solutions may be developed.

Item Type:

Conference or Workshop Item (Other)

Identification Number (DOI):

https://doi.org/10.1007/978-3-319-07620-1_24