Social/Ethical Issues in Predictive Insider Threat Monitoring

Combining traditionally monitored cybersecurity data with other kinds of organizational data is one option for inferring the motivations of individuals, which may in turn allow early prediction and mitigation of insider threats. While unproven, some researchers believe that this combination of data may yield better results than either cybersecurity or organizational data would in isolation. However, this nontraditional approach creates a potential conflict between goals, such as conflicts between organizational security improvements and individual privacy considerations. There are many facets to debate. Should warning signs of a potential malicious insider be addressed before a malicious event has occurred to prevent harm to the organization and discourage the insider from violating the organization’s rules? Would intervention violate employee trust or legal guidelines? What about the possibilities of misuse? Predictive approaches cannot be validated a priori; false accusations can affect the career of the accused; and collection/monitoring of certain types of data may affect employee morale. In this chapter, we explore some of the social and ethical issues stemming from predictive insider threat monitoring and discuss ways that a predictive modeling approach brings to the forefront social and ethical issues that should be considered and resolved by stakeholders and communities of interest.

[1]  P. Sealy,et al.  Emergency response team. , 1994, The Canadian nurse.

[2]  Philip E. Agre,et al.  Surveillance and Capture: Two Models of Privacy , 1994, Inf. Soc..

[3]  Harold Joseph Highland,et al.  The 17th NSCS abstructArtificial Intelligence and Intrusion Detection: Current and Future Directions : Jeremy Frank, University of California, Davis, CA , 1995 .

[4]  J. H. Davis,et al.  An Integrative Model Of Organizational Trust , 1995 .

[5]  William S. Brown Technology, workplace privacy and personhood , 1996 .

[6]  Donn B. Parker,et al.  Fighting computer crime - a new framework for protecting information , 1998 .

[7]  Richard S. Rosenberg,et al.  The Workplace on the Verge of the 21st Century , 1999 .

[8]  R. Smith,et al.  Compilation of State and Federal Privacy Laws , 2000 .

[9]  H. Nissenbaum Privacy as contextual integrity , 2004 .

[10]  Dawn M. Cappelli,et al.  Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors , 2005 .

[11]  William P. Smith,et al.  Privacy and Electronic Monitoring in the Workplace: A Model of Managerial Cognition and Relational Trust Development , 2005 .

[12]  Don A. Moore,et al.  Overconfidence and Underconfidence: When and Why People Underestimate (and Overestimate) the Competition , 2007 .

[13]  Dawn M. Cappelli,et al.  The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures , 2008, Insider Attack and Cyber Security.

[14]  Lyndsey Franklin,et al.  Predictive Modeling for Insider Threat Mitigation , 2009 .

[15]  Lynette I. Millett,et al.  Engaging Privacy and Information Technology in a Digital Age: Executive Summary , 2010, J. Priv. Confidentiality.