Carnegie Mellon University
Browse
- No file added yet -

Pattern-Based Design of Insider Threat Programs

Download (600.92 kB)
report
posted on 2014-12-01, 00:00 authored by Andrew P Moore, Michael L. Collins, David Mundie, Robin R Ruefle, David M. McIntire

Despite the high impact of insider attacks, organizations struggle to implement effective insider threat programs. In addition to the mandate for all Department of Defense (DOD) and U.S. Government agencies to build such programs, approval of updates to the National Industrial Security Program Operating Manual regarding insider threat defense require thousands of contractors to have insider threat programs as part of their security defense. Unfortunately, according to the Insider Threat Task Force of the Intelligence and National Security Alliance (INSA) Cyber Council, many such organizations have no insider threat program in place, and most of the organizations that do have serious deficiencies. This report describes a pattern-based approach to designing insider threat programs that could, if further developed, provide a more systematic, targeted way of improving insider threat defense.

History

Date

2014-12-01

Usage metrics

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC