Data Theft: A Prototypical Insider Threat

Advances in Information Security

Volumn 39, Issue , 2008, Pages 53-68

  McCormick, Michael ^a  

^a HARVARD UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 79952545666     PISSN: 15682633     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-77322-3_4     Document Type: Article

References (17)

1. Randazzo M R, Keeney M, Kowalski E, Cappelli D, Moore A, Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector, United States Secret Service, 2004.
2. Henry T., Controlling Information with Network Content Filtering; Burton Group.
3. Proctor P, Mogull R. and Oullet E., Magic Quadrant for Content Monitoring and Filtering and Data Loss Prevention, 2Q07 Gartner Inc.
4. Penn J. and Raschke T., The Forrester Wave™: Information Leak Prevention, Q4 2006; Forrester Research.
5. Yuhanna N. and Julian T., Securing Your Data from Insider Threats June 2007 seminar; Forrester Research.
6. Cappelli D.,D., Moore, A, and Shaw E., A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage, Carnegie Mellon CERT; Proceedings CSI 2006.
7. Wilson B., Information Security: A Critical Competency, Carnegie Mellon CERT; Proceedings FSTC 2007.
8. 2007 ARO/FSTC Workshop on Insider Attack and Cyber Security (IACS07), http://www.cs.dartmouth.edu/~insider/
9. Human Behavior, Insider Threat, and Awareness Project Institute for Information Infrastructure Protection (I3P), http://www.thei3p.org/projects/insidthoverview.html
10. FS-ISAC Information Leak Survey, Privately conducted survey, results distributed to members only. (Direct inquiries to the author or the consortium).
11. FSTC Leak Prevention Survey, Privately conducted survey, results distributed to members only. (Direct inquiries to the author or the consortium).
12. 2006 E-Crime Watch Survey CSO Magazine with the U.S. Secret Service, CERT® Coordination Center and Microsoft Corp.
13. Externalization of Entitlements, Privately published white paper; direct inquiries to the author.
14. California law SB1386 serves as the model for other state and federal breach disclosure legislation. http://www.oit.ucsb.edu/committees/itpg/sb1386.asp
15. Plastic Card Industry Data Security Council, https://www.pcisecuritystandards.org/
16. Google APIs for search (and other services) documented at http://code.google.com/apis/.
17. Johnson, M.E. and Dynes, S., Dartmouth College; Proceedings Workshop on the Economics of Information Security, 2007.