The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures

Advances in Information Security

Volumn 39, Issue , 2008, Pages 17-52

  Moore, Andrew P ^a   Cappelli, Dawn M ^a   Trzeciak, Randall F ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 79960583168     PISSN: 15682633     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-77322-3_3     Document Type: Article

References (12)

1. Anderson, D.F.; Cappelli, D.M.; Gonzalez, J.J.; Mojtahedzadeh, M.; Moore, A.P.; Rich, E.; Sarriegui, J.M.; Shimeall, T.J.; Stanton, J.M.; Weaver, E.; and Zagonel, A. 2004. Preliminary System Dynamics Maps of the Insider Cyber-Threat Problem. Proceedings of the 22nd International Conference of the System Dynamics Society, July 2004. Available at http://www.cert.org/archive/pdf/InsiderThreatSystemDynamics.pdf.
2. Band, S.R.; Cappelli, D. M.; Fischer, L.F.; Moore, A. P.; Shaw, E.D.; and Trzeciak, R.F 2006. "Comparing Insider IT Sabotage and Espionage: A Model-Based Analysis" Software Engineering Institute Technical Report CMU/SEI-2006-TR-026, Carnegie Mellon University, December 2006. http://www.cert.org/archive/pdf/06tr026.pdf.
3. Cappelli, D. M.; Desai, A. G.; Moore, A. P.; Shimeall, T. J.; Weaver, E. A.; and Willke, B. J. 2006. "Management and Education of the Risk of Insider Threat (MERIT): Mitigating the Risk of Sabotage to Employers' Information, Systems, or Networks." Proceedings of the 24th International System Dynamics Conference. Nijmegen, Netherlands, July 2006. http://www.albany.edu/cpr/sds/conf2006/proceed/proceed.pdf.
4. Cappelli, D.M.; Moore, A.P.; Shimeall, T.J.; and Trzeciak, R.J. 2006. "Common Sense Guide to Prevention and Detection of Insider Threats: Version 2.1," Report of Carnegie Mellon University, CyLab, and the Internet Security Alliance, July 2006 (update of the April 2005 Version 1.0). http://www.cert.org/archive/pdf/CommonSenseInsiderThreatsV2.1-1- 070118.pdf
5. Keeney, M.M.; Kowalski, E.F.; Cappelli, D.M.; Moore, A.P.; Shimeall, T.J.; and Rogers, S.N. 2005. Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors. Joint SEI and U.S. Secret Service Report, May 2005. Available at http://www.cert.org/archive/pdf/insidercross051105.pdf.
6. Meadows, D. L.; Behrens, W. W.; Meadows D. H.; Naill, R. F.; Randers, J.; and Zahn, E. K. O. 1974. Dynamics of Growth in a Finite World. Cambridge, MA: Wright-Allen Press, Inc.
7. Melara, C.; Sarriegui, J.M.; Gonzalez, J.J.; Sawicka, A.; and Cooke, D.L. 2003. A System Dynamics Model of an Insider Attack on an Information System. Proceedings of the 21st International Conference of the System Dynamics Society July 20-24, New York, NY, USA.
8. Moore, A.P.; Joseph, H.G.; Trzeciak, R.F.; Cappelli, D.M. 2007. Instructional Case of Insider IT Sabotage: An Instructor's Manual, in preparation.
9. Naumes, W.; and Naumes, M.J. 1999. The Art & Craft of Case Writing. Thousand Oaks, California: SAGE Publications.
10. Rich, E.; Martinez-Moyano, I.J.; Conrad, S.; Cappelli, D.M.; Moore, A.P.; Shimeall, T.J.; Andersen, D.F.; Gonzalez, J.J.; Ellison, R.J.; Lipson, H.F.; Mundie, D.A.; Sarriegui, J.M.; Sawicka, A.; Stewart, T.R.; Torres, J.M.; Weaver, E.A.; and Wiik, J. 2005. Simulating Insider Cyber-Threat Risks: A Model-Based Case and a Case-Based Model. Proceedings of the 23rd International Conference of the System Dynamics Society, July 2005.
11. Sterman, J.D. 2000. Business Dynamics: Systems Thinking and Modeling for a Complex World. New York, NY: McGraw-Hill.
12. Yin, R.K. (2003). Case Study Research. (3 ed.) Thousand Oaks: Sage Publications.