Insider Threat Defined: Discovering
the Prototypical Case
Abstract In a continued
effort to better define the field of insider threat research, this study
presents a survey of 30 cybersecurity experts¡¯ opinions on the attributes of
a prototypical insider and insider threat case. The survey is based on the
attributes in the Entity-Relationship Model developed in a previous study of
42 different definitions of insider and insider threat. To develop clearer
consensus and uniformity in the field, we discuss the attributes, which, in
this small exploratory study, experts saw as typical or atypical components
of an insider threat case. Keywords: insider threat, taxonomy, ontology, attributes +: Corresponding author: Samuel J. Perl 4500 Forbes Avenue
Pittsburgh, PA, 15213, Tel: +1-412-268-4112 Journal of
Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications
(JoWUA), Vol. 5, No. 2,
pp. 7-23, June 2014 [pdf] |