User Account

All Pages

Most serious security problem

Assignment Help Business Management
Reference no: EM131937580

Please paraphrase the below

Abstract

The insider threat has received considerable attention, and is often cited as the most serious security problem. It is also considered the most difficult problem to deal with, because an "insider" has information and capabilities not known to external attackers. The difficulty in handling the insider threat is reasonable under those circumstances; if one cannot define a problem precisely, how can one approach a solution, let alone know when the problem is solved? This chapter presents some aspects of insider threats

1 Introduction

The "insider threat" or "insider problem" has received considerable attention [2, 13], and is cited as the most serious security problem in many studies. It is also consid- ered the most difficult problem to deal with, because an "insider" has information and capabilities not known to other, external attackers. However, the term "insider threat" is usually either not defined at all, or defined nebulously.

The difficulty in handling the insider threat is reasonable under those circumstances; if one cannot define a problem precisely, how can one approach a solution, let alone know when the problem is solved? It is noteworthy that, despite this im-ponderability, definitions of the insider threat still have some common elements. For example, a workshop report [4] defined the problem as malevolent (or possibly in- advertent) actions by an already trusted person with access to sensitive information and information systems. Elsewhere, that same report defined an insider as some- one with access, privilege, or knowledge of information systems and services. An- other report [12] implicitly defined an insider as anyone operating inside the security perimeter-while already the assumption of only having a single security perimeter may be optimistic.

Insiders and Insider Threats

One of the most urgent quests for communities dealing with insider threats is identifying the characteristic features of an insider. One approach for doing so is to look at recent insider threat cases, and try to find individual or common properties. This is an important step, since insider threat cases can be rather diverging.

To be able to deal with cases so divergent, one clearly needs 1) a common vision of how insiders can be categorized; and 2) security policies for countering insider threats, and ways to evaluate the impact of alternative security policies.

From analyzing cases several approaches to identifying an insider can be developed:

  • An insider is defined with respect to a resource, leading to "degrees of insider- ness";
  • An insider is somebody with legitimate access to resources;
  • An insider is a wholly or partially trusted subject;
  • An insider is an individual who has or had access to resources;
  • An insider is a system user who can misuse privileges;
  • An insider is an individual with authorized access who might attempt unautho- ?rized removal or sabotage of critical assets or who could aid outsiders in doing ?so; and
  • An insider is a person or company whom we trust.

These definitions immediately lead to a series of discussions on what is meant by "access" (code, credentials, timing of access rights), whether an insider is suffi- ciently defined based on resources or whether a definition should take the system into account, and how the definition relates to a masquerader, namely an outsider being able to trick a system into believing he is an insider. ?Exploring these aspects enables us to reason about what makes a good insider:

  • Knowledge, intent, motivation;
  • Possesses power to act as agent of the business;
  • Knowledge of underlying business IT platforms;
  • Knowledge/control over IT security controls; and
  • Ability to incur liability in pecuniary terms or in brand damage or other intangible ?terms.

The skill of insiders is also an important a factor defining the threat posed by ma- licious insiders, or non-malicious insiders just trying to get their job done. "Moti- vation" in general is an important question when dealing with insider threats and their consequences. This can cover the whole range from "innocent action", "fun", "technical challenge", "criminal intentions", to "espionage", or a combination of each of these factors. Surprisingly, even though one would expect the contrary, the effect of actions can be equally devastating for each of these motivations. This, of course, makes detecting a threat even more important-but also more complicated. A key observation is that the definition of an insider for threat purposes is different than the definition for business purposes.

Based on the aspects defined above, one can in turn decide how to defined an insider, namely in terms of someone with:

  • Knowledge: Implies an open system, one that remains secure (if at all) even with full knowledge of the system operation; alternatively, security through obscurity; or
  • Trust: An individual is empowered by the organization to be an insider; or
  • Access: An insider is in possession of a credential giving access to the system - an IT centric perspective, since the system in general does not know who ?possesses the credential.

Reference no: EM131937580

Questions Cloud

What is the required return on the market : Assume that the risk-free rate is 3.90% and that the market risk premium is 10.00%. What is the required return on the market?
Find the amount of interest in the payment : A loan has a term of 30 years. Payments are made at the end of each year. Find the amount of interest in the 12th payment.
Explain how the poet uses literary elements from poetry : Analyze the poem and explain how the poet uses literary elements from poetry to convey that theme.
What is the total cost forecast for volume of patient visits : Assume that Randall Clinic has fixed costs of $500,000 and a variable cost (per visit) rate of $20. What is the total cost forecast for a volume of 5,000.
Most serious security problem : The insider threat has received considerable attention, and is often cited as the most serious security problem. It is also considered the most difficult
Determine the time-weighted rate of return : Given that the dollar-weighted rate of return is 0%, determine the time-weighted rate of return.
Creating the optimal risky portfolio from the stock : Assume the risk-free rate is 1.75%. You put 70% of your money in a stock portfolio that has an expected return of 11.75% and a standard deviation of 28%.
Information assurance aspect of access controls : What term is used to describe a system-created access control list that handles the information assurance aspect of access controls?
What about jimis style set him apart from his contemporaries : What about Jimi's style set him apart from his contemporaries (including Clapton and Beck)? What is your opinion of his influence?

Reviews

Write a Review

Business Management Questions & Answers

  Profound knowledge and crosby absolutes

Compare Deming's Theory of Profound Knowledge and Crosby's Absolutes of Quality Management. Do these theories conflict or complement each other?

  Explain foreign country stealing our technology

Explain page paper detailing the legal and security implications of any foreign country stealing our technology.

  Presentation for the leadership in your ministry

Create a 10-15 slide presentation for the leadership in your ministry. Be creative, using a Venn diagram or other charts

  Question about conflict in organizations

Describe observations and perceptions of conflict occurring at DELTA AIRLINES - Analysis. Use any theories and models learned in class that lead to an understanding of the behavioral and psychological dynamics of the situation.

  Designing a sound cycle system

What are the most critical issues to designing a sound cycle system?

  How eco-efficiency and product stewardship can contribute

Explain how eco-efficiency and product stewardship can contribute to sustainability and achieving business goals.

  Define and characterize mission statements

Define and characterize mission statements. What roles do mission statements play for a project?

  Write summary how apple achieved business success

Using what you have learned about the different departments in a company and why they must work together to achieve success, explain in a one page summary.

  Legal environment of that country or region

1) Select a country abroad which you would recommend a U.S. company to consider expanding their operations into.

  How is uber providing that added efficiency

The market has decided that Uber and its immediate competitors are adding efficiency to our society. How is Uber providing that added efficiency?

  Variety of opportunities for him professionals

The profession of HIM is constantly changing, offering a variety of opportunities for HIM professionals. Many professionals work from home; however, this opportunity comes with years of experience. As a new HIM professional, you will likely be req..

  Balancing priorities short- and long-term growth

Explain how would you balance your priorities between managing the near term growth and seeking innovations for future growth?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd