Inside and Out? The Information Security Threat from Insiders
ABSTRACT
A ‘broad’ definition of insider is proposed: someone who has skills, knowledge, resources or access, considered privileged to, or under the control of, an organization. This extends the traditional ‘narrow’ definition of insider as someone who just has privileged access to IT systems. This broad definition allows a detailed analysis of the strategy and modus operandi of insiders using threat susceptibility factors such as catalysts, inhibitors and amplifiers. This analysis is then used as a basis for a review of insider threat counter-measures.
AUTHORS
Principal Consultant, Information Security, QinetiQ plc, Malvern, UK
Dr. Rob Rowlingson is a principal consultant in information security at UK company QinetiQ (www.quinetiq.com), formerly the Defence Evaluation and Research Agency (DERA). His current research interests include digital evidence and computer-related crime, security in open source software and critical infrastructure, and the security of home computer users. He managed QinetiQ's participation in the European CTOSE project on digital evidence (www.ctose.org). He is also widely experienced in developing research strategy. In a previous incarnation he was a member of the DERA team which developed the Architecture Neutral Distribution Format (ANDF) for the Open Software Foundation.
Published In
Journal of Information Warfare