Modeling Human Behavior To Anticipate Insider Attacks Discussion

Question to answer

Insider threats are on the rise in every industry. Should technology be dealing with this issue or should credibility checks be increased? You can only provide so much limitation of access, the employees still need to work overall. Thoughts?

Response is based on.

Frank L., Greitzer R. & Hohimer, E.(2011). Modeling Human Behavior to Anticipate Insider Attacks. Journal of Strategic Security, Volume IV Issue 2 2011, pp. 25.

Modeling Human Behavior to Anticipate Insider Attacks.

And this post.

Insider threat has been a major issue facing various industries and organizations where it has rapidly grown in the recent years. The main challenge is the difficulty in preventing and detecting it and this article has provided important information that explains the scenario types and behaviors which lead to insider threat. Frank, Greitzer & Holimer (2011) makes arguments concerning the difficulties of picking up the trail which I agree with. It becomes hard to determine whether these threats are deceptive or whether one should take serious precautions. However, when a threat is evident, serious measures should be taken before this person is able to execute his plan. An individual cannot determine the state of mind of a person to know whether they have any mental issues but there are few reasons that explain why it becomes challenging with regard to picking up the trail before the fact such as Inadequate data in real-world situations which carries some truth so that there can be scientific validation and verification of the solutions proposed, challenges in determining malicious and legitimate behavior, and the presence of a large amount of data.

Occasionally, damage to organizations sites is carried out by people with a personal interest and those who might have worked in the company since they are aware of important systems present.

Insider threat has been a big threat as suggested by Hohimer, Frank, and Greitzer and I agree with them. There is inefficient data to be used so that patterns can be identified in order to recognize insider threat before damage occurs. However, I do not believe that the technological measures discussed in the article would completely eradicate this threat. People will still device new ways to carry out insider threat thus more research is still needed.