This paper demonstrates how the Insider Threat Cybersecurity Framework (ITCF) web tool and methodology help provide a more dynamic, defense-in-depth security posture against insider cyber and cyber-physical threats. ITCF includes over 30 cybersecurity best practices to help organizations identify, protect against, detect, respond to, and recover from sophisticated insider threats and vulnerabilities. The paper tests the efficacy of this approach and helps validate and verify ITCF's capabilities and features through various insider attack use cases. Two case studies were explored to determine how organizations can leverage ITCF to increase their overall security posture against insider attacks. The paper also highlights how ITCF facilitates implementation of the goals outlined in two Presidential Executive Orders to improve the security of classified information and help owners and operators secure critical infrastructure. In realization of these goals, ITCF: provides an easy-to-use rapid assessment tool to perform an insider threat self-assessment; determines the current insider threat cybersecurity posture; defines investment-based goals to achieve a target state; connects the cybersecurity posture with business processes, functions, and continuity; and finally, helps develop plans to answer critical organizational cybersecurity questions. In this paper, the web tool and its core capabilities are tested by performing an extensive comparative assessment over two different high-profile insider threat incidents.