The Insider Threat: Combatting the Enemy Within
()
About this ebook
The insider threat poses a significant and increasing problem for organisations. The use of highly connected computers makes controlling information much more difficult than in the past. This is shown by the regular stories of data loss in the media such as the 25 million personal records mailed out by Revenue and Customs in the UK. This pocket guide sheds light on the key security issues facing organisations from insiders, enabling organisations to get up to speed.
Clive Blackwell
Clive Blackwell is a researcher at Royal Holloway, University of London, where his main field is security architecture. He has developed a practical three-layer security architecture to model computer networks such as the Internet and other complex systems such as critical infrastructure. He is currently applying the model to the insider threat within different business sectors, which has resulted in several academic papers. Clive is a regular speaker on security at both academic and business conferences in the US and Europe as well as the UK. He has recently been invited to give talks on the insider threat at two major business conferences. Clive received a scholarship for his PhD in network security at Royal Holloway. It has the largest Information Security Group in the UK, and has more than 200 students from all over the world on its well-known MSc course. He holds a degree in Mathematics from Warwick University and in Computer Science from Royal Holloway where he passed out top of his class, and an MSc in Information Security also from Royal Holloway. He has about 20 publications to his name within the last two years. He also runs his own IT security consultancy, Advanced Computer Services, so he is aware of the security issues facing business.
Related to The Insider Threat
Related ebooks
Insider Threat: Prevention, Detection, Mitigation, and Deterrence Rating: 5 out of 5 stars5/5Managing Information Security Breaches: Studies from real life Rating: 0 out of 5 stars0 ratingsInformation Security Breaches: Avoidance and Treatment based on ISO27001 Rating: 0 out of 5 stars0 ratingsCyber Breach Response That Actually Works: Organizational Approach to Managing Residual Risk Rating: 0 out of 5 stars0 ratingsSecurity Leader Insights for Information Protection: Lessons and Strategies from Leading Security Professionals Rating: 0 out of 5 stars0 ratingsInformation Security Auditor: Careers in information security Rating: 0 out of 5 stars0 ratingsCybersecurity for Small Businesses and Nonprofits Rating: 0 out of 5 stars0 ratingsSecurity Leader Insights for Success: Lessons and Strategies from Leading Security Professionals Rating: 0 out of 5 stars0 ratingsCyber Security Awareness for Corporate Directors and Board Members Rating: 1 out of 5 stars1/5IT Security Concepts: 1, #1 Rating: 5 out of 5 stars5/5Measures and Metrics in Corporate Security Rating: 0 out of 5 stars0 ratingsComputer Incident Response and Forensics Team Management: Conducting a Successful Incident Response Rating: 4 out of 5 stars4/5Cyber Security Awareness for Lawyers Rating: 0 out of 5 stars0 ratingsThe Chief Security Officer’s Handbook: Leading Your Team into the Future Rating: 0 out of 5 stars0 ratingsThe Cybersecurity Maturity Model Certification (CMMC) – A pocket guide Rating: 0 out of 5 stars0 ratingsSelling Information Security to the Board: A Primer Rating: 0 out of 5 stars0 ratingsMeasuring and Communicating Security's Value: A Compendium of Metrics for Enterprise Protection Rating: 0 out of 5 stars0 ratingsInformation Governance and Security: Protecting and Managing Your Company’s Proprietary Information Rating: 0 out of 5 stars0 ratingsLessons Learned: Critical Information Infrastructure Protection: How to protect critical information infrastructure Rating: 0 out of 5 stars0 ratingsCyber Risks for Business Professionals: A Management Guide Rating: 0 out of 5 stars0 ratingsHow to Define and Build an Effective Cyber Threat Intelligence Capability Rating: 4 out of 5 stars4/5Building an Information Security Awareness Program: Defending Against Social Engineering and Technical Threats Rating: 0 out of 5 stars0 ratingsSecurity Technology Convergence Insights Rating: 0 out of 5 stars0 ratingsCorporate Security Management: Challenges, Risks, and Strategies Rating: 5 out of 5 stars5/5The Chartered Cyber Security Officer Rating: 5 out of 5 stars5/58 Steps to Better Security: A Simple Cyber Resilience Guide for Business Rating: 0 out of 5 stars0 ratingsCertified Information Security Manager Second Edition Rating: 0 out of 5 stars0 ratingsInsider Threat A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsThreat Intelligence Platform Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratings
Security For You
CompTIA Security+ Certification Study Guide, Fourth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5IAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsCybersecurity For Dummies Rating: 4 out of 5 stars4/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsCompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Hacking For Dummies Rating: 4 out of 5 stars4/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsCompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratingsHow to Hack Like a Pornstar Rating: 5 out of 5 stars5/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsWindows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry Rating: 4 out of 5 stars4/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Codes and Ciphers Rating: 5 out of 5 stars5/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5CompTIA CySA+ Cybersecurity Analyst Certification Passport (Exam CS0-002) Rating: 5 out of 5 stars5/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5
Reviews for The Insider Threat
0 ratings0 reviews
Book preview
The Insider Threat - Clive Blackwell
978-1-84928-136-2
ABOUT THE AUTHOR
Clive Blackwell is a researcher at Royal Holloway, University of London, where his main field is security architecture. He has developed a practical three-layer security architecture to model computer networks such as the Internet and other complex systems such as critical infrastructure. He is currently applying the model to the insider threat within different business sectors, which has resulted in several academic papers. Clive is a regular speaker on security at both academic and business conferences in the US and Europe as well as the UK. He has recently been invited to give talks on the insider threat at two major business conferences.
Clive received a scholarship for his PhD in network security at Royal Holloway. It has the largest Information Security Group in the UK, and has more than 200 students from all over the world on its well-known MSc course. He holds a degree in Mathematics from Warwick University and in Computer Science from Royal Holloway where he passed out top of his class, and an MSc in Information Security also from Royal Holloway. He has about 20 publications to his name within the last two years. He also runs his own IT security consultancy, Advanced Computer Services, so he is aware of the security issues facing business.
PREFACE
The insider threat poses a significant and increasing problem for organisations. The use of highly connected computers makes controlling information much more difficult than in the past. This is shown by the regular stories of data loss in the media such as the 25 million personal records mailed out by Revenue and Customs in the UK. In addition, we do not know enough about the insider threat, as of course many attacks are unknown to their victims or are not made public. We intend to shed light on the key security issues facing organisations from insiders to get them up to speed quickly.
ACKNOWLEDGEMENTS
I would like to thank the two Angelas. I am grateful to Angela Sasse for asking me to present a master class at the insider threat conference at University College London in November 2008, which helped me to formulate the ideas expressed in this book. Secondly, I would like to express thanks to Angela Wilde for giving me the opportunity to write this book and for her patience in awaiting its completion.
CONTENTS
CHAPTER 1:
MODELLING THE INSIDER THREAT
What is the insider threat?
Insiders, by definition, have some level of access to organisational resources that can be misused for their own purposes. The proportion of attacks originating from insiders is debatable, but it is clearly significant. We believe that insiders can often cause great damage to an organisation because of their privileged access, knowledge of weaknesses and the location of valuable targets. The 2008 CSI Computer Crime and Security Survey and the 2008 Information Security Breaches Survey have somewhat different views on the importance of the insider threat.
Most attention has historically been given to external threats, as they are more visible and easier to remedy. Internal attacks are more difficult to discover and diagnose because the controls can be evaded by employees. Many organisations only recognise the problem from insiders after they have been affected.
We focus on the insider threat, but we should also