: Christian W. Probst, Jeffrey Hunker, Dieter Gollmann, Matt Bishop
: Christian W. Probst, Jeffrey Hunker, Dieter Gollmann
: Insider Threats in Cyber Security
: Springer-Verlag
: 9781441971333
: Advances in Information Security
: 1
: CHF 95.00
: Computer Science
: English
: 244
: Watermark/DRM
: PC/MAC/eReader/Tablet
: PDF

Insider Threats in Cyber Security is a cutting-edge text presenting IT and non-IT facets of insider threats together. This volume brings together a critical mass of well-established worldwide researchers, and provides a unique multidisciplinary overview. Monica van Huystee, Senior Policy Advisor at MCI, Ontario, Canada comments 'The book will be a must read, so of course I'll need a copy.'

Insider Threats in Cyber Security covers all aspects of insider threats, from motivation to mitigation. It includes how to monitor insider threats (and what to monitor for), how to mitigate insider threats, and related topics and case studies.

Insider Threats in Cyber Security is intended for a professional audience composed of the military, government policy makers, and banking and financing companies focusing on the secure cyberspace industry. This book is also suitable for advanced-level students and researchers in computer science as a secondary text or reference book.

Preface
Contents
Aspects of Insider Threats
1 Introduction
2 Insiders and Insider Threats
2.1 Insider Threats
2.2 Taxonomies
3 Detection and Mitigation
4 Policies
5 Human Factors and Compliance
6 Conclusion
References
Combatting Insider Threats
1 A Contextual View of Insiders and Insider Threats
2 Risks of Insider Misuse
2.1 Types of Insiders
2.2 Types of Insider Misuse
3 Threats, Vulnerabilities, and Risks
3.1 Relevant Knowledge and Experience
3.2 Exploitations of Vulnerabilities
3.3 Potential Risks Resulting from Exploitations
4 Countermeasures
4.1 Specification of Sound Policies for Data Gathering and Monitoring
4.2 Detection, Analysis, and Identification of Misuse
4.3 Desired Responses to Detected Anomalies and Misuses
5 Decomposition of Insider Misuse Problems
5.1 Stages of Development and Use
5.2 Extended Profiling Including Psychological and Other Factors
6 Requirements for Insider-Threat-Resistant High-Integrity Elections
7 Relevance of the Countermeasures to Elections
8 Research and Development Needs
9 Conclusions
References
Insider Threat and Information Security Management
1 Introduction
2 Definitions of Insider and the Relevance to Information Security Management
3 Risk and Insiderness
3.1 The Importance of Organisational Culture and the Significance of Cultural Risks
3.2 Fieldwork on Culture and the Insider Threat
4 The Structure of the ISMS and Traditional Information Security Management Responses to Insiderness
4.1 Analysis Turning an ISMS Inwards
4.2 The Role of Operationalisation
5 Information Security Management Standards, Best Practice and the Insider Threat
5.1 General Security Management Standards
5.2 Guidelines Focused on the Management of the Insider Threat
5.3 Analysis of the Contribution of Best Practice and Guidelines
6 Crime theories and insider threat
6.1 Existing Connections between Crime Theories and Information Security Management
7 Implications of Crime Theories for ISMS Design
7.1 Application of SCP to the ISO Control Domains
7.2 Implications for ISMS Process Design
7.3 Summary of Crime Theory Contribution
8 Conclusions
References
A State of the Art Survey of Fraud Detection Technology
1 Introduction
1.1 Data Analysis Methodology
1.1.1 General
1.1.2 Procedure
2 Survey of Technology for Fraud Detection in Practice
2.1 General Approaches for Intrusion and Fraud Detection
2.2 State of the Art of Fraud Detection Tools and Techniques
3 Why Fraud Detection is not the Same as Intrusion Detection
4 Challenges for Fraud Detection in Information Systems
5 Summary
Acknowledgements
References
Combining Traditional Cyber Security Audit Data with Psychosocial Data: Towards Predictive Modeling for Insider Threat Mitigation
1 Introduction
2 Background
3 Issues of Security and Privacy
4 Predictive Modeling Approach
5 Training Needs
6 Conclusions and Research Challenges
7 Acknowledgments
References
A Risk Management Approach to the “Insider Threat”
1 Introduction
2 Insider Threat Assessment
2.1 Example
2.2 Summary
3 Access-Based Assessment
4 Psychological Indicator-Based Assessment
5 Application of Risk to System Countermeasures
5.1 Example
5.2 Summary
6 Conclusion
References
Legally Sustainable Solutions for Privacy Issues in Collaborative Fraud Detection
1 Introduction
2 Monitoring Modern Distributed Systems
2.1 Evidence Model
3 Observing Fraudulent Service Behaviours
3.1 Architectural Support
4 Introduction to the Legal Perspective
5 Basic Principles of Data Privacy Law
5.1 A Set of Six Basic Rules
5.1.1 Data Avoidance
5.1.2 Transparency
5.1.3 Purpose Specification and Binding
5.1.4 Prohibition Without Explicit Permission
5.1.5 Data Quality
5.1.6 Data Security
6 General Legal Requirements of Fraud Detection Systems
6.1 Privacy Relevance of Fraud Detection Systems
6.2 Necessary Data for Fraud Detection
6.3 Transparency in the Fraud Detection Context
6.4 Purpose Specification and Binding in Fraud Detection
6.5 Permissibility of Fraud Detection
6.6 Quality of Event Data
6.7 Security of Event Data
7 Technical Solutions for Privacy-respecting Fraud Detection
7.1 Technical Requirements
7.1.1 Requirements for Open Data
7.1.2 Specific Requirements for Pseudonyms in Open Data
7.1.3 Specific R