Enhancing Information Security: A Qualitative Risk Analysis Method for Overcoming the Insider Threat

View Free PDF

Author(s): Patricia Y. Logan (Marshall University, USA)and Allen C. Clarkson (Independent Consultant, USA)
Copyright: 2005
Pages: 4
Source title: Managing Modern Organizations Through Information Technology
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59140-822-2.ch052
ISBN13: 9781616921293
EISBN13: 9781466665354

Keywords: Information Science Reference / IT Research & Theory / IT Research and Theory / Library & Information Science

Abstract

A number of recent studies document that “the insider” is a significant risk to information security. The results of these studies suggest that a new approach be used to assess, inform, train, manage and mitigate the risk from insider intrusion. An improved method is proposed for assessing risk and applying appropriate controls: a qualitative approach using an insider-based risk assessment (IBRA). This paper explores the risks from insiders, how insiders evade technology, an exploration of the traditional means of quantitative security assessment, and proposes a new method designed to improve the identification of risk from insiders, improve security, and apply controls appropriate to the insider threat.

IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Encyclopedia of Information Science and Technology, Fourth Edition