{"title":"Using empirical insider threat case data to design a mitigation strategy","authors":"Dawn M. Cappelli","doi":"10.1145/1866886.1866888","DOIUrl":null,"url":null,"abstract":"1. Understanding the Complexity of Insider Threat According to research by the CERT Program (CERT) in the Software Engineering Institute at Carnegie Mellon University, approximately half of all organizat1ons experience at least one electronic crime perpetrated by an insider each year. These crimes include theft, sabotage, fraud, and espionage. CERT began researching this problem in 2001. It has compiled a database of more than 500 criminal cases in which current or former employees, contractors, or business partners abused the trust and access associated with their positions. As part of its research, CERT interviewed many victim organizations. It also interviewed some perpetrators themselves, complementing a wealth of case data with first-hand insights into the methods and motivations behind these crimes.","PeriodicalId":249095,"journal":{"name":"Insider Threats '10","volume":"206 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Insider Threats '10","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1866886.1866888","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
1. Understanding the Complexity of Insider Threat According to research by the CERT Program (CERT) in the Software Engineering Institute at Carnegie Mellon University, approximately half of all organizat1ons experience at least one electronic crime perpetrated by an insider each year. These crimes include theft, sabotage, fraud, and espionage. CERT began researching this problem in 2001. It has compiled a database of more than 500 criminal cases in which current or former employees, contractors, or business partners abused the trust and access associated with their positions. As part of its research, CERT interviewed many victim organizations. It also interviewed some perpetrators themselves, complementing a wealth of case data with first-hand insights into the methods and motivations behind these crimes.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
