The Threat Of Cyber Security

3043 Words13 Pages
ABSTRACT While many organizations focus their security efforts on their network border, it is the insider that perhaps poses the most risk to cyber-security. An Insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization 's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. From executives, to IT administrators to partners, many people have access to sensitive data that if publicly exposed, could have…show more content…
[1] The objective of this paper is to describe seven general observations about insider threats based on empirical data and study findings from over 150 insider cybercrimes that were analyzed by the Carnegie Melon University Software Engineering Institute (CERT). Based on these observations, this paper will then reveal the value of modeling by showing threat models for insider threats and how the value of seeing the big picture can contribute to time and focus. This paper will also reveal the value of merging psychology with information security. Categories and Subject Descriptors K.6.5 [Management of Computing and Information Systems]: Security and Protection – Access Controls, Authentication, information flow controls, invasive software. General Terms Management, Design, Security. Keywords Insider Threat, Data Exfiltration, Model. 1. INTRODUCTION Ever since the creation of the internet more than two decades ago, cyber-attacks have increased in sophistication and frequency. The conventional paradigm of cyber-attacks was to target a number of system vulnerabilities, write exploits, and then mass distribute them to a large number of internet hosts. For this reason, most security systems focused on defending against Malware, making sure that all systems are timely patched with the most up to date version of operating systems etc. However, these conventional defenses are often insufficient to defend against more powerful attacks staged by insiders. Insider

More about The Threat Of Cyber Security

Open Document