Educause Security Discussion mailing list archives

Re: Seeking volunteers to help with doctoral research regarding improving how to start insider threat programs in the private sector

From: Jan Buitron <j.buitron2 () STUDENT CTUONLINE EDU>
Date: Sat, 24 Feb 2018 05:04:22 +0000

Hello all,

It is regrettable that my post was misunderstood.


I have spent 3.5 years doing a literature search of peer-reviewed and authoritative literature. I have over 300 
references of recommendations; that part of the research is over.

The first three chapters of my dissertation are the proposal, which is approved, and the Institutional Review Board of 
Colorado Technical University has approved my research.


What is needed is to interview people who have experience in insider threat programs. Volunteers, please message me at:


j.buitron2 () student ctuonline edu for further information.


Thank you,


Jan Buitron, Doctor of Computer Science candidate


________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Valdis 
Kletnieks <valdis.kletnieks () VT EDU>
Sent: Friday, February 23, 2018 8:17 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Seeking volunteers to help with doctoral research regarding improving how to start insider 
threat programs in the private sector

On Fri, 23 Feb 2018 22:51:07 +0000, Jan Buitron said:

There must be hundreds of recommendations for which components SHOULD be in
an insider-threat program, but it is difficult to figure where to start. Most
companies do not have a wheelbarrow of funds to start a program; they need to
start, however.


I'll go out on a limb and say the best bang for the buck is to not try to do it
from an ITSEC point of view, but approach it more broadly - everything from
embezzling by people who deal with money for the company, to the person in the
warehouse who's selling your spare parts on Ebay, and so on.

And all these varied issues can be combatted with the same general principle:
Two persons are involved.  The person writing checks isn't the person balancing
the books.  The person moving stuff in the warehouse isn't the person doing
the inventory.  And so on - down to "isn't the person who's reviewing the IT security logs".

More bang for the buck because (a) a lot of the insider threats aren't IT and (b) once
you get the "two persons" thing ingrained into the corporate culture and policy, it's
actually pretty easy to extend to cover new/different things as needs change....

Current thread:

Seeking volunteers to help with doctoral research regarding improving how to start insider threat programs in the private sector Jan Buitron (Feb 23)
- Re: Seeking volunteers to help with doctoral research regarding improving how to start insider threat programs in the private sector Valdis Kletnieks (Feb 23)
  - Re: Seeking volunteers to help with doctoral research regarding improving how to start insider threat programs in the private sector Jan Buitron (Feb 23)