Skip to main content
SpringerLink
Log in
Book cover

Insider Attack and Cyber Security pp 5–16Cite as

Reflections on the Insider Threat

  • Chapter

Part of the book series: Advances in Information Security ((ADIS,volume 39))

Abstract

This paper reports on a workshop in June 2007 on the topic of the insider threat. Attendees represented academia and research institutions, consulting firms, industry—especially the financial services sector, and government. Most participants were from the United States. Conventional wisdom asserts that insiders account for roughly a third of the computer security loss. Unfortunately, there is currently no way to validate or refute that assertion, because data on the insider threat problem is meager at best. Part of the reason so little data exists on the insider threat problem is that the concepts of insider and insider threat are not consistently defined. Consequently, it is hard to compare even the few pieces of insider threat data that do exist. Monitoring is a means of addressing the insider threat, although it is more successful to verify a case of suspected insider attack than it is to identify insider attacks. Monitoring has (negative) implications for personal privacy. However, companies generally have wide leeway to monitor the activity of their employees. Psychological profiling of potential insider attackers is appealing but may be hard to accomplish. More productive may be using psychological tools to promote positive behavior on the part of employees.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Author information

Authors and Affiliations

  1. Pfleeger Consulting Group, Prentice Hall

    Charles P. Pfleeger

Authors
  1. Charles P. Pfleeger
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Columbia University, 1214 Amsterdam Avenue MC 0401, New York, NY 10027-7003, USA

    Salvatore J. Stolfo , Steven M. Bellovin , Angelos D. Keromytis  & Shlomo Hershkop , ,  & 

  2. Department of Computer Science, Dartmouth College, Hanover, NH 03755-3510, USA, 6211 Sudikoff Laboratory

    Sean W. Smith  & Sara Sinclair  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Pfleeger, C.P. (2008). Reflections on the Insider Threat. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. (eds) Insider Attack and Cyber Security. Advances in Information Security, vol 39. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-77322-3_2

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-77322-3_2

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-77321-6

  • Online ISBN: 978-0-387-77322-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation