A Preliminary Model of Insider Theft of Intellectual Property

A study conducted by the CERT Program at Carnegie Mellon University’s Software Engineering Institute analyzed hundreds of insider cyber crimes across U.S. critical infrastructure sectors. Follow-up work involved detailed group modeling and analysis of 48 cases of insider theft of intellectual property. In the context of this paper, insider theft of intellectual property includes incidents in which the insider’s primary goal is stealing confidential or proprietary information from the organization. This paper describes general observations about and a preliminary system dynamics model of this class of insider crime based on our empirical data. This work generates empirically-based hypotheses for validation and a basis for identifying mitigating measures in future work.

[1]  Eliot H. Rich,et al.  Simulating Insider Cyber-Threat Risks : A Model-Based Case and a Case-Based Model , 2005 .

[2]  E. Eugene Schultz A framework for understanding and predicting insider attacks , 2002, Comput. Secur..

[3]  Dawn M. Cappelli,et al.  The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures , 2008, Insider Attack and Cyber Security.

[4]  Donn B. Parker,et al.  Fighting computer crime - a new framework for protecting information , 1998 .

[5]  Keven G. Ruby,et al.  The Insider Threat to Information Systems , 2022 .

[6]  Katherine L. Herbig,et al.  Espionage against the United States by American citizens, 1947-2001 , 2003 .

[7]  William Naumes,et al.  The Art & Craft of Case Writing , 2012 .

[8]  Paul R. Sackett,et al.  Counterproductive behaviors at work , 2001 .

[9]  Shari Lawrence Pfleeger,et al.  Insiders Behaving Badly , 2008, IEEE Security & Privacy.

[10]  Terry M. Gudaitis,et al.  The Missing Link in Information Security: Three Dimensional Profiling , 1998, Cyberpsychology Behav. Soc. Netw..

[11]  Dawn M. Cappelli,et al.  Comparing Insider IT Sabotage and Espionage: A Model-Based Analysis , 2006 .

[12]  P. Harwood Michael , 1985 .

[13]  Suzanne S. Masterson,et al.  Insider or outsider? how employee perceptions of insider status affect their work behavior , 2002 .

[14]  B. Burmahl The big picture. , 2000, Health facilities management.

[15]  J. Salgado The Big Five Personality Dimensions and Counterproductive Behaviors , 2002 .

[16]  Lynn F. Fischer,et al.  Ten Tales of Betrayal: The Threat to Corporate Infrastructure by Information Technology Insiders Analysis and Observations , 2005 .

[17]  Paul R. Sackett,et al.  The Structure of Counterproductive Work Behaviors: Dimensionality and Relationships with Facets of Job Performance , 2002 .

[18]  John Suler,et al.  The Bad Boys of Cyberspace: Deviant Behavior in a Multimedia Chat Community , 1998, Cyberpsychology Behav. Soc. Netw..

[19]  Michael McCormick,et al.  Data Theft: A Prototypical Insider Threat , 2008, Insider Attack and Cyber Security.

[20]  M. Mount,et al.  RELATIONSHIP OF PERSONALITY TRAITS AND COUNTERPRODUCTIVE WORK BEHAVIORS: THE MEDIATING EFFECTS OF JOB SATISFACTION , 2006 .

[21]  Dawn M. Cappelli,et al.  Management and Education of the Risk of Insider Threat (MERIT): Mitigating the Risk of Sabotage to Employers’ Information, Systems, or Networks , 2007 .

[22]  David F. Andersen,et al.  Preliminary System Dynamics Maps of the Insider Cyber-threat Problem , 2004 .

[23]  Randall F. Trzeciak,et al.  Common Sense Guide to Prevention and Detection of Insider Threats , 2006 .

[24]  J Swanson,et al.  Business Dynamics—Systems Thinking and Modeling for a Complex World , 2002, J. Oper. Res. Soc..

[25]  Marcus A. Maloof,et al.  Detecting Insider Theft of Trade Secrets , 2009, IEEE Security & Privacy.

[26]  Barry M. Staw,et al.  Understanding Behavior in Escalation Situations , 1989, Science.