论文信息 - Data Theft: A Prototypical Insider Threat

Data Theft: A Prototypical Insider Threat

The author is the lead information security architect at one of the United States’ largest banks. In this paper he assesses the threat of confidential data leakage, focusing on its most virulent form – insider data theft attacks. Technological and procedural controls typically found in enterprise environments are reviewed and found inadequate. Additional controls are proposed, and several areas for additional technical research are also suggested.

Michael McCormick | M. McCormick

[1] Dawn M. Cappelli,et al. Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector , 2005 .

[2] Dawn M. Cappelli,et al. A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage , 2006 .