Regresar

Guest Editorial: Emerging Trends in Research for Insider Threat Detection.

Abstract:

The insider threat is one of mankind’s most enduring security challenges. For as long as people have placed trust in one other, they have faced the risk of that trust being violated. Historically, consequences of insider attacks included compromised organizational security, financial loss, and risks to human health and safety. Prior to the information age, attacks mainly targeted tangible assets, such as people or money; now insider attacks target additional assets related to information technology (IT), such as data and systems. For instance, malicious insiders may steal intellectual property, sabotage corporate IT systems, or use IT systems to commit financial fraud. Insider attacks have plagued humanity for millennia, and researchers and security professionals continue to struggle to fully understand the breadth of the problem and to propose solutions proven to have measurable effects on reducing the occurrence and impact of attacks. Even defining “insider threat” can be problematic, depending on the problem space. One definition used in the IT security arena is as follows: A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization’s network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization’s information or information systems.[1]