Spotlight On: Insider Threat from Trusted Business Partners. Version 2: Updated and Revised

Lewellen, Todd; Moore, Andrew P.; Cappelli, Dawn M.; Trzeciak, Randall F.; Spooner, Derrick; Weiland, Robert M

doi:10.21236/ada609903

Cited by 2 publications

(1 citation statement)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…External insiders have been treated evasively in the literature. They are approached either simplistically as insiders from trusted business partners (Weiland et al, 2010) and partner agents (Verizon, 2012), or collectively as partners (Bhala et al, 2010) and third-parties . However, external insiders (Franqueira et al, 2010a) have their own characteristics and pose additional challenges, thus requiring specific mitigations, compared to insiders and outsiders.…”

Section: Characteristics Of Outsiders Insiders and External Insidersmentioning

confidence: 99%

Engineering Security Agreements Against External Insider Threat

Franqueira

Cleeff

Eck

et al. 2013

Information Resources Management Journal

View full text Add to dashboard Cite

Companies are increasingly engaging in complex inter-organisational networks of business and trading partners, service and managed security providers to run their operations. Therefore, it is now common to outsource critical business processes and to completely move IT resources to the custody of third parties. Such extended enterprises create individuals who are neither completely insiders nor outsiders of a company, requiring new solutions to mitigate the security threat they cause. This paper improves the method introduced in Franqueira et al. (2012) for the analysis of such threat to support negotiation of security agreements in B2B contracts. The method, illustrated via a manufacturer-retailer example, has three main ingredients: modelling to scope the analysis and to identify external insider roles, access matrix to obtain need-to-know requirements, and reverse-engineering of security best practices to analyse both pose-threat and enforce-security perspectives of external insider roles. The paper also proposes future research directions to overcome challenges identified.

show abstract

Section: Characteristics Of Outsiders Insiders and External Insidersmentioning

confidence: 99%

Engineering Security Agreements Against External Insider Threat

Franqueira

Cleeff

Eck

et al. 2013

Information Resources Management Journal

View full text Add to dashboard Cite

show abstract

Development of Bayesian Networks for a Decision Support System During Internal Cyber Threats Analysis

Hlazunov

2024

Cybersecurity

View full text Add to dashboard Cite

Today, cloud computing has become an important technological paradigm that has become widely implemented in the activities of modern organizations, including in Ukraine. The transition to cloud services (CS) allows companies to increase efficiency, flexibility and competitiveness, as well as to optimize operational costs and risks related to information security (IS). Cloud technologies ensure the availability, scalability and reliability of corporate software applications and systems, which contributes to their widespread use in the modern business environment. At the same time, the use of CS creates new challenges and threats to IS, among which internal violators occupy a prominent place. Internal IS threats can pose the greatest danger to companies. These can be both intentional actions by disloyal employees and unintentional mistakes by honest employees. Insider attackers can have direct access to sensitive information and systems, making it difficult to detect and counter these threats. Effective internal threat risk management requires a comprehensive approach that includes technical, organizational, and personnel security measures. This work is an attempt to develop a method for early detection of such violators based on the application of Bayesian networks. The classification of internal intruders proposed in the study and the identified indicators of their activity constitute a new approach to the analysis and detection of IS threats in the cloud environment. The implementation of the learning model in Python and GeNIe Modeler demonstrates the possibility of creating effective intrusion detection tools that can complement existing DLP systems. The use of modern development and modeling tools makes this work relevant and innovative in the field of protecting cloud services from internal information security threats. Further research involves detailing the proposed method, as well as the analysis of other mathematical approaches that can be used to solve the task, with an assessment of the results of their application.

show abstract

Spotlight On: Insider Threat from Trusted Business Partners. Version 2: Updated and Revised

Cited by 2 publications

References 0 publications

Engineering Security Agreements Against External Insider Threat

Engineering Security Agreements Against External Insider Threat

Development of Bayesian Networks for a Decision Support System During Internal Cyber Threats Analysis

Contact Info

Product

Resources

About