Modeling the Emergence of Insider Threat Vulnerabilities

Martinez-moyano,; Conrad,; Rich,; Andersen, Ulrik L.

doi:10.1109/wsc.2006.323130

Cited by 10 publications

(7 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Dutta and Roy (2006) built and discussed the most substantial work on cyber security in the system dynamics literature to date, a model looking at compliance with information security protocols, as well as investment in training and technology. The system dynamics community has studied a limited number of cyber security topics, including insider threat (Rich et al 2005, Martinez-Moyano et al 2006, system vulnerability (Radianti et al 2009, Goldsmith and Siegel 2010, Goldsmith and Siegel 2012, general theories of human factors and security Sawicka 2003, Hillen et al 2006) We created a model that uses system dynamics to simulate organizational decisions about whether and how much to participation in cooperative cyber programs. The model allows explicit representation of decision-making strategies, and enables exploration of different scenarios.…”

Section: Previous Researchmentioning

confidence: 99%

A cognitive and economic decision theory for examining cyber defense strategies.

Bier¹

2014

View full text Add to dashboard Cite

Cyber attacks pose a major threat to modern organizations. Little is known about the social aspects of decision making among organizations that face cyber threats, nor do we have empirically-grounded models of the dynamics of cooperative behavior among vulnerable organizations. The effectiveness of cyber defense can likely be enhanced if information and resources are shared among organizations that face similar threats. Three models were created to begin to understand the cognitive and social aspects of cyber cooperation. The first simulated a cooperative cyber security program between two organizations. The second focused on a cyber security training program in which participants interact (and potentially cooperate) to solve problems. The third built upon the first two models and simulates cooperation between organizations in an information-sharing program.

show abstract

Section: Previous Researchmentioning

confidence: 99%

A cognitive and economic decision theory for examining cyber defense strategies.

Bier¹

2014

View full text Add to dashboard Cite

show abstract

“…Information security has been explored by using the system dynamics approach to focus on a number of topics, including the insider threat and attack problem [1,23,26], understanding security risks [30], and increasing learning and risk perception [6,14,15,22], among others [for a good collection of papers on the topic, see 13]. Specifically, our previous work related to insider threat identification and mitigation was based on empirical evidence collected by researchers of the CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute with the U.S. Secret Service.…”

Section: Information Security Modelsmentioning

confidence: 99%

“…In reinforcement learning models, learning is achieved by identifying the outcomes of actions and decisions and assigning utility that promotes improvement. For example, MartinezMoyano et al [22,23], when studying insider-threat activities and vulnerabilities, use a reinforcement learning model to capture the mechanism used by security officers to determine the level of cutoff that maximizes identification of insider activity.…”

Section: Information Security Modelsmentioning

confidence: 99%

“…Implementation of security measures not cost effective since the cost of security might be greater than the likely consequences of small-scale attacks. Organizations have either implicitly or explicitly stated thresholds that guide their efforts to discern when action is warranted [22][23][24]. A joint U.S. Secret Service and CERT Coordination Center study on actual insider crimes [29] discusses how managers' decisions geared to enhancing productivity and performance in organizations unintentionally increase the risk of insider attacks [1,29].…”

Section: Implementation Of Security Measuresmentioning

confidence: 99%

“…In this paper, we expand on previous work related to the behavioral and technical aspects of emerging insider threat identification that has the potential to explain successes and failures in detection of malicious insiders [22][23][24]30] and on work that explores the dynamics of military operations from social and organizational perspectives [3]. The two bodies of work, although dealing with two seemingly disconnected domains, share fundamental elements related to the security dynamics.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations