Guest Editorial: Insider Threat Solutions - Moving from Concept to Reality

As society has embraced technology and systems to promote services, trade and ubiquitous communication, it has also inadvertently exposed itself to a plethora of security risks. One of the most significant of these risks is that of insider threat, where privileged insiders (be they employees or trusted third-parties) within an enterprise, intentionally or inadvertently cause harm their organisations. While the topic of insider threat has been examined and researched for decades, the problem still persists, and some would even argue that it is becoming worse. Could this be the result of a disconnect between approaches and solutions being researched and those that are (or can be) actually implemented?

[1]  Sadie Creese,et al.  Understanding Insider Threat: A Framework for Characterising Attacks , 2014, 2014 IEEE Security and Privacy Workshops.

[2]  Sadie Creese,et al.  Formalising Policies for Insider-threat Detection: A Tripwire Grammar , 2017, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[3]  Serban I. Gavrila,et al.  Linear Time Algorithms to Restrict Insider Access using Multi-Policy Access Control Systems , 2017, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[4]  Tao Su,et al.  A formal approach for network security policy validation , 2017, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[5]  Florian Kammüller,et al.  Insider Threats and Auctions: Formalization, Mechanized Proof, and Code Generation , 2017, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[6]  Elisa Bertino,et al.  MIST 2016: 8th International Workshop on Managing Insider Security Threats , 2016, CCS.