Presentation on theme: "Insider Threat Behavior Factors: A comparison of theory with reported incidents 2012 45th Hawaii International Conference on System Sciences Asmaa Munshi,"— Presentation transcript:
Insider Threat Behavior Factors: A comparison of theory with reported incidents th Hawaii International Conference on System Sciences Asmaa Munshi, Curtin University Peter Dell, Curtin University Helen Armstrong, Curtin University By Afshaa Sacranie
Summary The article compares behavioral factors that influence insider threats identified in academic literature to those identified in reported cases. It discusses each of these factors and compares the percentage of each factors influence in reported cases.
Critical Comment The question that the paper is answering is not clearly stated, it would be expected to be mentioned at the start of the paper. The paper has an abstract, introduction, a method and a conclusion which would indicate that this may be a scientific research paper. However it clearly states what it is doing but not clear why they are comparing the behavioral factors from the two sources, there is no clear question stated. “This paper examines a number of theoretical models drawn from academic literature to identify a set of factors that are thought to be behavior factors associated with insider threats.” This statement indicates that the aim of the paper is to analyze these models but it is not The word “examines” – the paper does not examine these models Yes a few models are slightly described but to be the aim of the paper they would have to be discussed in detail and the paper would have to show how these factors are identified from the analysis of each of these models The clear aim of identifying factors that require further study not stated
Appreciative Comment The use of figures to compare the percent of influence the different factors have in each reported case. Access and level of trust is a behavioral factor: Incident Report% of insiders with some level of privileged access to stolen data Core category of insider threat Spooner et al.100%Theft of IP Moore et al.67%Theft of IP Cappelli et al.75% out of 78%IT sabotage, fraud and Theft of IP
Question Motivation is a behavioral factor and “Researchers have suggested as many as 84% of the incidents were motivated by revenge” Why do you think revenge is a major factor in causing an insider threat? Incident Report% of insiders motivated by a desire for revenge Core category of insider threat Hanley et al.80%Theft of IP Kowalski et alOnly around 20%IT sabotage, fraud and Theft of IP Cappelli et al.More than 50%IT sabotage, fraud and Theft of IP