The Insider Threat: Combatting the Enemy Within
About this ebook
The insider threat poses a significant and increasing problem for organisations. The use of highly connected computers makes controlling information much more difficult than in the past. This is shown by the regular stories of data loss in the media, such as the 25 million personal records mailed out by Revenue and Customs in the UK. This pocket guide sheds light on the key security issues facing organisations from insiders, enabling organisations to get up to speed.
Clive Blackwell
Clive Blackwell is a researcher at Royal Holloway, University of London, where his main field is security architecture. He has developed a practical three-layer security architecture to model computer networks such as the Internet and other complex systems such as critical infrastructure. He is currently applying the model to the insider threat within different business sectors, which has resulted in several academic papers. Clive is a regular speaker on security at both academic and business conferences in the US and Europe as well as the UK. He has recently been invited to give talks on the insider threat at two major business conferences. Clive received a scholarship for his PhD in network security at Royal Holloway, which has the largest Information Security Group in the UK and more than 200 students from all over the world on its well-known MSc course. He holds a degree in Mathematics from Warwick University and in Computer Science from Royal Holloway, where he passed out top of his class, and an MSc in Information Security, also from Royal Holloway. He has about 20 publications to his name within the last two years. He also runs his own IT security consultancy, Advanced Computer Services, so he is aware of the security issues facing business.
The Insider Threat - Clive Blackwell
978-1-84928-136-2
PREFACE
The insider threat poses a significant and increasing problem for organisations. The use of highly connected computers makes controlling information much more difficult than in the past. This is shown by the regular stories of data loss in the media, such as the 25 million personal records mailed out by Revenue and Customs in the UK. In addition, we do not know enough about the insider threat, as many attacks are unknown to their victims or are not made public. We intend to shed light on the key security issues that insiders pose for organisations, so that organisations can get up to speed quickly.
ACKNOWLEDGEMENTS
I would like to thank the two Angelas. I am grateful to Angela Sasse for asking me to present a master class at the insider threat conference at University College London in November 2008, which helped me to formulate the ideas expressed in this book. Secondly, I would like to express thanks to Angela Wilde for giving me the opportunity to write this book and for her patience in awaiting its completion.
CONTENTS
CHAPTER 1: MODELLING THE INSIDER THREAT
What is the insider threat?
Insiders, by definition, have some level of access to organisational resources that can be misused for their own purposes. The proportion of attacks originating from insiders is debatable, but it is clearly significant. We believe that insiders can often cause great damage to an organisation because of their privileged access and their knowledge of weaknesses and of the location of valuable targets. The 2008 CSI Computer Crime and Security Survey and the 2008 Information Security Breaches Survey have somewhat different views on the importance of the insider threat.
Most attention has historically been given to external threats, as they are more visible and easier to remedy. Internal attacks are more difficult to discover and diagnose because employees can evade the controls. Many organisations recognise the insider problem only after they have been affected.
We focus on the insider threat, but we should also