The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Enhancing Information Security: A Qualitative Risk Analysis Method for Overcoming the Insider Threat
Abstract
A number of recent studies document that “the insider” is a significant risk to information security. The results of these studies suggest that a new approach be used to assess, inform, train, manage and mitigate the risk from insider intrusion. An improved method is proposed for assessing risk and applying appropriate controls: a qualitative approach using an insider-based risk assessment (IBRA). This paper explores the risks from insiders, how insiders evade technology, an exploration of the traditional means of quantitative security assessment, and proposes a new method designed to improve the identification of risk from insiders, improve security, and apply controls appropriate to the insider threat.
|
|