Current protection strategies against insider adversaries are expensive, intrusive, not systematically implemented, and operated independently; too often, such strategies are defeated. The authors provide a systems-based framework and model for understanding important elements, their interactions, interdependencies, and gaps for insider security.
Within an organization, the employee population is the source of potential malicious insiders. To investigate the evolution of the insider within an organization, we are developing a model of the employee life cycle. In addition, the employee life cycle model is being applied to define and analyze interactions of the employee population with insider… (More)