• et al., 2013
  • Design Insider Threat Hands-on Labs




    Download 347,92 Kb.
    Pdf ko'rish
    bet2/10
    Sana17.05.2024
    Hajmi347,92 Kb.
    #240858
    1   2   3   4   5   6   7   8   9   10
    Design Insider Threat Hands-on Labs
    Hongmei Chi, Clement Allen, David Angulo Rubio
    Department of Computer and Information Sciences
    Florida A&M University
    1333 Wahnish Way
    Tallahassee, FL 32307
    USA
    hchi@cis.famu.edu


    Information Security Education Journal Volume 2 Number 1 June 2015
    35
    intellectual property, destruction and misuse of assets, or stolen valuable information that can undermine the attacked
    organizations and/or individuals. The way to identify and prevent insider threat attacks is to educate employees in any
    organization. The Computer Emergency Readiness Team (CERT) Insider Threat Center is a division of Carnegie Mellon University’s
    Software Engineering Institute. They explain that policy enforcement and periodic security training for all employees will greatly
    reduce insider threat attacks in most organizations. The Intelligence and National Security Alliance (INSA) Cyber Council is a
    group of executives from the public, private and academic sectors with expertise in cyber security with the mission of improving
    cyber security policies and practices in the public and private sector. According to INSA, as of September 2013, no standard
    training program exists that can be used as a valid framework in the private sector to deal effectively with this kind of threat
    (Cappos et al., 2014,Greitzer
     et al., 2013
    ).
    Insider threats are causing serious damages to governmental organizations and also to private companies. Researchers at CERT
    Insider Threat Center have developed Enterprise Architecture Patterns that cover people, processes, technology and facilities
    (CERT, n.d.).. These four elements have to be considered in order to protect and prevent against insiders.Insider threat attacks
    are disastrous to organizations and there is a vital need to control and mitigate them. Mitigating damages can be successful
    through use of an effective training module. Training modules designed through CyberCIEGE (Cone

    Download 347,92 Kb.
    1   2   3   4   5   6   7   8   9   10




    Download 347,92 Kb.
    Pdf ko'rish