Design Insider Threat Hands-on Labs
Information Security Education Journal Volume 2 Number 1 June 2015
Abstract:
Insider threat continues to be of serious concern to governmental organizations and private companies. Vulnerabilities of the digital information being shared through mobile devices and Internet clouds increase exponentially because IT security mechanisms are not capable of controlling what is beyond company network limits. One of the solutions could include providing an effective interactive framework to train future and current Information Technology security professionals and regular employees who need to be aware of these threats in order to avoid being a victim of insider attacks. There are few hands-on labs/modules available for training current students, the future information assurance professionals. This paper will classify the different actors and vectors involved in these attacks, focusing specifically on Information Technology (IT) sabotage, theft of intellectual property and insider fraud. Then, we will describe how to design virtual hands-on labs mainly for current or future technology security professionals. The training hands-on labs will enhance trainees' knowledge and practical security skills in mitigating insider threat attacks. In addition, the training hands-on labs will be implemented via CyberCIEGE, an innovative video game and tool for teaching fundamental concepts of insider threat.
Keywords: Virtual Training, Insider Threats, Hands-on lab, Information Assurance, Active Learning, CyberCIEGE
Received: 10 January 2015, Revised 8 February 2015, Accepted 15 February 2015
© 2015 DLINE. All Rights Reserved
1. Introduction
Insider threat attacks are a concern to organizations because of their devastating consequences, including financial loss, damage to reputation, and loss of intellectual property, among others. The fact that insiders are in many cases current or former employees, interns, contractors and business partners makes it more difficult to track them and to distinguish routine normal behavior from anomalous conduct. This paper will develop hands-on labs based on a 3D virtual SDK so that we can train students and IT professionals to deal with, or be aware of, insider threats. Those modules will show players/students how to detect, prevent and remediate insider threat attacks. An insider threat is generally a person who has or had authorized access to an organization's network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization's information or information systems (CERT, n.d.).
Insider threat attacks perpetrated against public and private institutions cost millions of dollars in losses due to theft of