Back to Search
Start Over
A Structured Control Selection Methodology for Insider Threat Mitigation
- Source :
- Procedia Computer Science. 181:1187-1195
- Publication Year :
- 2021
- Publisher :
- Elsevier BV, 2021.
-
Abstract
- An insider is a person or software that possesses positive authorization to access the asset(s) of an enterprise. In recent years, security incidents perpetrated by enterprise insiders have increased considerably. Enterprises attempt to mitigate such threats by implementing controls intuitively, on an ad-hoc basis. However, such intuitive control implementation is both time-consuming, as well as prone to errors, leading to insecure enterprise systems. The paper attempts to address this issue by proposing a structured methodology for the selection of relevant security controls. The technique is to model insider threats and security controls, and match their constituent components against each other. The proposed methodology has been illustrated with suitable examples.
- Subjects :
- business.industry
Computer science
Control (management)
Authorization
Insider threat
020206 networking & telecommunications
02 engineering and technology
Computer security
computer.software_genre
Asset (computer security)
Security controls
Insider
Software
Enterprise system
0202 electrical engineering, electronic engineering, information engineering
Selection (linguistics)
General Earth and Planetary Sciences
020201 artificial intelligence & image processing
business
computer
General Environmental Science
Subjects
Details
- ISSN :
- 18770509
- Volume :
- 181
- Database :
- OpenAIRE
- Journal :
- Procedia Computer Science
- Accession number :
- edsair.doi...........b72d3f4985626cb4f0f8ee418d8fe120
- Full Text :
- https://doi.org/10.1016/j.procs.2021.01.316