Training organizational supervisors to detect and prevent cyber insider threats: two approaches
نویسندگان
چکیده
Cyber insider threat is intentional theft from, or sabotage of, a cyber system by someone within the organization. This article explores the use of advanced cognitive and instructional principles to accelerate learning in organizational supervisors to mitigate the cyber threat. It examines the potential advantage of using serious games to engage supervisors. It also posits two systematic instructional approaches for this training challenge – optimal path modelling and a competency-based approach. The paper concludes by discussing challenges of evaluating training for seldom occurring real world phenomena, like detecting a cyber-insider threat.
منابع مشابه
Insiders and Insider Threats - An Overview of Definitions and Mitigation Techniques
Threats from the inside of an organization’s perimeters are a significant problem, since it is difficult to distinguish them from benign activity. In this overview article we discuss defining properties of insiders and insider threats. After presenting definitions of these terms, we go on to discuss a number of approaches from the technological, the sociological, and the socio-technical domain....
متن کاملAddressing Insider Threats and Information Leakage
Insider threats are one of the problems of organizational security that are most difficult to handle. It is often unclear whether or not an actor is an insider, or what we actually mean by “insider”. It also is often impossible to determine whether an insider action is permissible, or whether it constitutes an insider attack. From a technical standpoint, the biggest concern is the discriminatio...
متن کاملMonitoring Technologies for Mitigating Insider Threats
The annual Computer Crime and Security Survey for 2008 [1] surveyed 522 security employees from US corporations and government agencies, finding that insider incidents were cited by 44 percent of respondents, nearly as high as the 49 percent that encountered a conventional virus in the previous year. In general, there is an increasing recognition of the significance, scope and cost of the malic...
متن کاملAn Authorization Framework for Database Systems
Today, data plays an essential role in all levels of human life, from personal cell phones to medical, educational, military and government agencies. In such circumstances, the rate of cyber-attacks is also increasing. According to official reports, data breaches exposed 4.1 billion records in the first half of 2019. An information system consists of several components, which one of the most im...
متن کاملA Risk Management Approach to the "Insider Threat"
Recent surveys indicate that the financial impact and operating losses due to insider intrusions are increasing. But these studies often disagree on what constitutes an “insider;” indeed, many define it only implicitly. In theory, appropriate selection of, and enforcement of, properly specified security policies should prevent legitimate users from abusing their access to computer systems, info...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- ICST Trans. Security Safety
دوره 1 شماره
صفحات -
تاریخ انتشار 2013