Enemies within: Redefining the insider threat in organizational security policy

Security Journal

Volumn 26, Issue 2, 2013, Pages 107-124

  Wall, David S ^a  

^a DURHAM UNIVERSITY   (United Kingdom)

Author keywords

cybercrime; information security; insider threat; organizations; security policy

Indexed keywords

EID: 84876731769     PISSN: 09551662     EISSN: 17434645     Source Type: Journal    
DOI: 10.1057/sj.2012.1     Document Type: Article

References (48)

1. BBC. (2007) Six more data discs ' are missing '. B BC News Online, 24 November, http://news.bbc.co.uk/1/hi/7111056.stm, accessed 1 August 2011.
2. BBC. (2008) Pension data was on stolen laptop. B BC News Online, 10 October, http://news.bbc.co.uk/1/hi/uk/7664274.stm, accessed 1 August 2011.
3. BBC. (2011) US and Israel were behind Stuxnet claims researcher. BBC News Online, 4 March, http://www.bbc.co.uk/news/technology-12633240, accessed 1 August 2011.
4. Bishop, M. (2005) Position: Insider is relative. In: C.F. Hempelmann and V. Raskin (eds.), Proceedings of the New Security Paradigms Workshop. New York: ACM Press.
5. Caputo, D., Stephens, G., Stephenson, B. and Kim, M. (2009) Human Behavior, Insider Threat, and Awareness: An Empirical Study of Insider Threat Behavior. Hannover, Germany: Dartmouth College. Institute for Information Infrastructure Protection (I3P) research program Research Report no. 16, July 2009, http://www.thei3p.org/docs/publications/134.pdf, accessed 1 August 2011.
6. Cerf, V. (2003) The internet under surveillance: Obstacles to the free flow of information online. Reporters without Borders, http://famguardian.org/ Subjects/Computers/Articles/IntUnderSurv.htm, accessed 2 September 2011.
7. CERT. (2005) 2005 E-Crime Watch™ survey shows E-Crime fighters making headway: Average company loss estimated at more than half million dollars. Press release, CERT/CSO, http://www.cert.org/archive/pdf/ecrime- watch05.pdf, accessed 1 August 2011.
8. CERT. (2010) 2010 CyberSecurity Watch Survey: Cybercrime increasing faster than some company defenses. CERT Insider Threat Team, Pittsburgh: Carnegie Mellon University, Software Engineering Institute, http://www.cert.org/ archive/pdf/ecrimesummary10.pdf, accessed 1 August 2011. (Summaries also available for 2004 - 2009).
9. CERT. (2011) 2011 CyberSecurity Watch Survey: How bad is the insider threat? CERT Insider Threat Team, Pittsburgh: Carnegie Mellon University, Software Engineering Institute, http://www.cert.org/archive/pdf/ CyberSecuritySurvey2011Data.pdf, accessed 1 August 2011. (Summaries also available for years 2004 - 2010).
10. EON. (2010) 2010 CyberSecurity Watch Survey: Cybercrime increasing faster than some company defenses. Enhanced Online News (EON), 25 January, http://eon.businesswire.com/news/eon/20100125006500/en/CSO/Cybercrime/ cybersecurity, accessed 1 August 2011.
11. Falliere, N., Murchu, L. and Chien, E. (2010) W32.Stuxnet Dossier: September 2010, version 1.0., Symantec White Paper, http://www.symantec.com/ content/en/us/enterprise/media/security-response/whitepapers/ w32-stuxnet-dossier.pdf, accessed 1 August 2011.
12. Garland, D. (2001) The Culture of Control. Oxford: Oxford University Press.
13. Gordon, L., Loeb, M., Lucyshyn, W. and Richardson, R. (2004) 2004 CSI/FBI Computer Crime and Security Survey. San Francisco, CA: Computer Security Institute.
14. Gordon, L., Loeb, M., Lucyshyn, W. and Richardson, R. (2005) 2005 CSI/FBI Computer Crime and Security Survey. San Francisco, CA: Computer Security Institute.
15. Gordon, L., Loeb, M., Lucyshyn, W. and Richardson, R. (2006) 2006 CSI/FBI Computer Crime and Security Survey. San Francisco, CA: Computer Security Institute.
16. Hong, J., Kim, J. and Cho, J. (2010) The trend of the security research for the insider cyber threat. International Journal of Future Generation Communication and Networking 3 (2): 31 - 40.
17. Jewkes, Y. and Yar, M. (eds.) (2010) Handbook of Internet Crime. Cullompton, UK: Willan Publishing.
18. Keeney, M., Cappelli, D., Kowalski, E., Moore, A., Shimeall, T. and Rogers, S. (2005) Insider threat study: Computer system sabotage in critical infrastructure sectors. Pittsburgh, PA: Carnegie Mellon, University Software Engineering Institute/United States Secret Service, http://www.cert.org/archive/ pdf/insidercross051105.pdf, accessed 1 August 2011.
19. LMRMC. (2010) Online riskiness: Questionnaire results - Overall. LM Research & Marketing Consultancy, 20 September (Unpublished).
20. Mail. (2008) Military laptop stolen from McDonald's as ' Army captain eats a Big Mac'. Mail Online, 12 April, http://www.dailymail.co.uk/news/article- 559178/Military-laptop-stolen-McDonalds-Army-captain-eats-Big-Mac. html#ixzz13NxVuGd0, accessed 1 August 2011.
21. Mearian, L., (2009) Survey: 40 % of hard drives bought on eBay hold personal, corporate data: Buyers found data on everything from corporate spreadsheets to e-mails and photos. Computerworld, 10 February, http://www.computerworld.com/s/article/9127717/Survey-40-of-hard-drives-bought- on-eBay-hold-personal-corporate-data, accessed 1 August 2011.
22. McQuade, S. (2006) Understanding and Managing Cybercrime. Boston, MA: Allyn & Bacon.
23. Ponemon, L. (2008) The cost of a lost laptop. Ponemon Institute, http://www.ponemon.org/local/upload/fckjail/generalcontent/18/file/ Cost%20of%20a%20Lost%20Laptop%20White%20Paper%20Final%203.pdf, accessed 1 August 2011.
24. Ponemon, L. (2009) Fourth annual US cost of data breach study: Benchmark study of companies. Ponemon Institute, http://www.ponemon.org/local/upload/ fckjail/generalcontent/18/file/2008- 2009%20US%20Cost%20of%20Data%20Breach%20Report%20Final.pdf, accessed 1 August 2011.
25. Ponemon, L. (2010a) 2009 annual study: Cost of a data breach. Ponemon Institute, http://www.ponemon.org/local/upload/fckjail/generalcontent/18/file/ US-Ponemon-CODB-09-012209-sec.pdf, accessed 1 August 2011.
26. Ponemon, L. (2010b) 2009 annual study: UK cost of a data breach. Ponemon Institute, http://www.ponemon.org/local/upload/fckjail/generalcontent/18/file/ UK-Ponemon-CODB%202009%20v9.pdf, accessed 1 August 2011.
27. Ponemon, L. (2011) 2010 annual study: Cost of a data breach. Ponemon Institute/Symantec, http://www.symantec.com/content/en/us/about/media/pdfs/ symantec-cost-of-data-breach-global-2010.pdf, accessed 1 August 2011.
28. Probst, C., Hunker, J. and Gollmann, D. (eds.) (2010) Insider Threats in Cyber Security, Advances in Information Security, Vol. 49. New York: Elsevier.
29. Randazzo, M., Keeney, M., Kowalski, E., Cappelli, D. and Moore, A. (2005) Insider threat study: Illicit cyber activity in the banking and finance sector. Philadelphia: Carnegie Mellon University, Software Engineering Institute, http://82.138.248.200/hcs-temp/teaching/GA10/lec4extra/certreport.pdf, accessed 1 August 2011.
30. Raywood, D. (2009) MBNA confirms data loss after laptop containing personal details of thousands of customers was stolen from vendor. SC Magazine, 23 December, http://www.scmagazineuk.com/mbna-confirms-data-lossafter-laptop- containing-personal-details-of-thousands-of-customers-was-stolen-from-vendor/ article/160217/, accessed 1 August 2011.
31. Raywood, D. (2010) Stolen laptop leads to the loss of details of around 13,000 UK dairy farmers. S C Magazine, 2 July, http://www.scmagazineuk.com/ stolen-laptop-leads-to-the-loss-of-details-of-around-13000-uk-dairyfarmers/ article/173843/, accessed 1 August 2011.
32. Reiner, R. (2000) The Politics of the Police, 3rd edn. Oxford: Oxford University Press.
33. Richardson, R. (2003) CSI/FBI Computer Crime and Security Survey. San Francisco, CA: Computer Security Institute.
34. Schneier, B. (2003) Beyond Fear: Thinking Sensibly about Security in an Uncertain World. New York: Springer.
35. Shiels, M. (2009) Malicious insider attacks to rise. BBC News Online, 11 February, http://news.bbc.co.uk/1/hi/technology/7875904.stm, accessed 1 August 2011.
36. Simon, J. (2007) Governing through Crime: How the War on Crime Transformed American Democracy and Created a Culture of Fear. New York: Oxford University Press.
37. Symantec. (2008) Anatomy of a data breach: Why breaches happen and what to do about it. Mountain View: Symantec, http://eval.symantec.com/mktginfo/ enterprise/white-papers/b-anatomy-of-a-data-breach-WP-20049424-1.en-us.pdf, accessed 1 August 2011.
38. Symantec. (2009a) Internet Security Threat Report, Volume XIV. April, 2009, Symantec, http://www.symantec.com/business/theme.jsp?themeid=threatreport, accessed 1 August 2011.
39. Symantec. (2009b) SMB protection gap: SMB security and data protection: Survey shows high concern, less action. Symantec White Paper, http://eval.symantec.com/mktginfo/enterprise/other-resources/ b-SMB-Protection-Gap-WP-20094842.en-us.pdf, accessed 1 August 2011.
40. Symantec. (2010) The Trojan.Hydraq incident. Symantec Security Response Blog, 18 January, http://www.symantec.com/connect/blogs/trojanhydraq-incident, accessed 1 August 2011.
41. Verizon. (2010) 2010 Data Breach Investigations Report. Verizon, http://www.verizonbusiness.com/resources/reports/rp-2010-data-breach-report-en- xg.pdf, accessed 1 August 2011.
42. Wall, D. S. (2007) Cybercrime: The Transformation of Crime in the Information Age. Cambridge: Polity.
43. Wall, D. S. (2008 / 2011) Cybercrime and the culture of fear: Social science fiction(s) and the production of knowledge about cybercrime. Information, Communication & Society 11 (6): 861 - 884, (Revised February 2011), http://ssrn.com/abstract=1155155, accessed 1 August 2011.
44. Wall, D. S. (2011) Organizational security and the insider threat: Malicious, negligent and well-meaning insiders. White Paper: Data Loss Prevention Reading, UK: Symantec, https://www4.symantec.com/Vrt/offer?a-id= 108920, accessed 1 August 2011.
45. Williams, M. (2006) Virtually Criminal: Crime, Deviance and Regulation Online. London: Routledge.
46. White House. (2003) The national strategy to secure cyberspace. White House, February, http://www.dhs.gov/xlibrary/assets/National-Cyberspace- Strategy.pdf, accessed 1 August 2011.
47. Yar, M. (2006) Cybercrime and Society. London: Sage.
48. Zetter, K. (2011) DHS fears a modified Stuxnet could attack US infrastructure. WIRED, 26 July, http://www.wired.com/threatlevel/2011/07/dhs- fears-stuxnet-attacks/, accessed 1 August 2011.