The Insider Misuse Threat Survey: Investigating IT misuse from legitimate users

The majority of computer security methods tend to focus upon the detection and prevention of security incidents of external origin. However, a number of surveys and media reports indicate the dangers of legitimate user misuse of IT resources, a separate category of computer security incidents with serious consequences for the integrity, privacy and availability of computer systems and networks. After the discussion of some basic terminology, accompanied by relevant case studies, the paper explores the problem of insider IT misuse by analyzing the results of a survey that specifically examines the issue. The results revealed that insider misuse is a significant problem – both in terms of the volume of incidents and their consequent impacts upon the organizations concerned. The findings also suggested characteristics that may help to profile insider IT misuse, and hence develop more efficient tools for the mitigation of insider threat.