Defending against insider threats and internal data leakage

In the last decade, computer science researchers have been working hard to prevent attacks against the security of information systems. Different adversary models have incarnated the malicious entities against which researchers have defined security properties, identified security vulnerabilities, and engineered security defenses. These adversaries were usually intruders, that is, outsiders trying to break into a system’s defenses. However, security reports clearly reveal that an increasing number of threats come presently from insiders. Insiders are legally authorized individuals who have, or used to have, access to corporate resources. Their illegal activities are not easily distinguishable from the uncommon but legal activities executed by honest corporate users. To detect insiders’ illegal activities is therefore hard, to recover after a security breach by an insider is expensive, and even though insider attacks occur less frequently than outsider, their consequences are far more severe. Insiders can cause significant damages to enterprises, companies, and countries. They can threaten an enterprise’s reputation, weaken national and international competitiveness, and compromise a country’s overall business. Therefore, it is necessary to develop countermeasures that are able to evaluate and to contain the risks of unauthorized accesses coming from insiders. Those countermeasures—physical, managerial, and technical— should construct an integral security management system that is able to protect, internally as well as externally, a company’s major information assets. This special issue collects scientific studies and works on security technologies and management systems designed to protect an organization’s information systems from corporate intrusions. It aims to be the showcase for researchers who look at state-of-the-art solutions about preventing leakage of organizations’ information caused by insiders or by insiders’ actions. This special issue consists of one invited contribution and seven carefully selected scientific papers. The invited paper, Reverse-safe Authentication Protocol for Secure USB Memories, by K. Lee, K. Yim, and E. Spafford, opens the special issue. This paper studies the security of USB memories. These small but capacious storage devices are extremely handy. People use them to carry personal and professional information, including pieces of very sensitive and valuable data. Unfortunately, USB memory devices are easy to steal, and once they are lost or stolen, their valuable content can be hacked.