Insider Threat Data Sharing (English)

  • Report  /  No value

How to get this document?

Local TIB services
TIB document delivery Purchase

Insider threat is a significant problem for both governmental and private organizations. Individuals can do immense harm with their trusted accesses. To combat this threat, organizations have created departments with trained analysts whose sole purpose is to deter, detect, and mitigate the insider threat. These analysts monitor employees and analyze activities to detect dangerous practices, whether witting or unwitting, and report these actions to supervisors for mitigation. When organizations share insider threat information among each other, it can improve all organizations abilities to deter, detect, or mitigate the insider threat. The challenge lies in merging external and existing data with as little human interaction as possible. This thesis examines the work that takes place in an insider threat department and identifies requirements for a solution that would allow for information sharing between organizations.