SOFIT: Sociotechnical and Organizational Factors for Insider Threat

被引:14
|
作者
Greitzer, Frank L. [1 ]
Purl, Justin [2 ]
Leong, Yung Mei
Becker, D. E. [2 ]
机构
[1] PsyberAnalytix, Richland, WA 99352 USA
[2] Human Resources Res Org, Alexandria, VA USA
来源
2018 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2018) | 2018年
关键词
insider threat ontology; sociotechnical indicators; knowledge modeling; expert knowledge elicitation; TRAITS; STATES; PERSONALITY; VIOLENCE; STRESS; RISK;
D O I
10.1109/SPW.2018.00035
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Human behavioral factors have been insufficiently represented in structured models (e.g., ontology frameworks) of insider threat risk. This paper describes the design and development of a structured model that emphasizes individual and organizational sociotechnical factors while incorporating technical indicators from previous work. We compare this model with previous research and describe a use case to demonstrate how the model can be applied as an ontology. We also summarize results of an expert knowledge elicitation study to reveal relationships among indicators and to examine several quantitative models for assessing threat of cases comprising multiple indicators.
引用
收藏
页码:197 / 206
页数:10
相关论文
共 50 条
  • [1] Balancing Organizational Incentives to Counter Insider Threat
    Moore, Andrew P.
    Cassidy, Tracy M.
    Theis, Michael C.
    Bauer, Daniel
    Rousseau, Denise M.
    Moore, Susan B.
    2018 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2018), 2018, : 237 - 246
  • [2] Conversations around Organizational Risk and Insider Threat
    Osterritter, Luke
    Carley, Kathleen M.
    PROCEEDINGS OF THE 2021 IEEE/ACM INTERNATIONAL CONFERENCE ON ADVANCES IN SOCIAL NETWORKS ANALYSIS AND MINING, ASONAM 2021, 2021, : 613 - 621
  • [3] Enemies within: Redefining the insider threat in organizational security policy
    Wall, David S.
    SECURITY JOURNAL, 2013, 26 (02) : 107 - 124
  • [4] Enemies within: Redefining the insider threat in organizational security policy
    David S Wall
    Security Journal, 2013, 26 : 107 - 124
  • [5] Organizational Vulnerability to Insider Threat What Do Australian Experts Say?
    Bedford, Justine
    Van Der Laan, Luke
    HCI INTERNATIONAL 2016 - POSTERS' EXTENDED ABSTRACTS, PT I, 2016, 617 : 465 - 470
  • [6] Toward an Ontology for Insider Threat Research: Varieties of Insider Threat Definitions
    Mundie, David A.
    Perl, Sam
    Huth, Carly L.
    2013 THIRD WORKSHOP ON SOCIO-TECHNICAL ASPECTS IN SECURITY AND TRUST (STAST 2013), 2013, : 26 - 36
  • [7] The insider threat: Behavioral indicators and factors influencing likelihood of intervention
    Bell, Alison J. C.
    Rogers, M. Brooke
    Pearce, Julia M.
    INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2019, 24 : 166 - 176
  • [8] Unintentional Insider Threat: Contributing Factors, Observables, and Mitigation StrategiesAC
    Greitzer, Frank L.
    Strozer, Jeremy
    Cohen, Sholom
    Bergey, John
    Cowley, Jennifer
    Moore, Andrew
    Mundie, David
    2014 47TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), 2014, : 2025 - 2034
  • [9] An Exploratory Factor Analysis of Personality Factors: An Insider Threat Perspective
    Padayachee, Keshnee
    HUMAN ASPECTS OF INFORMATION SECURITY AND ASSURANCE, HAISA 2022, 2022, 658 : 253 - 264
  • [10] The insider threat ‘zoo’
    Renaud K.
    Warkentin M.
    Computer Fraud and Security, 2024, 2024 (05):
12345