Educause Security Discussion mailing list archives
Re: Seeking volunteers to help with doctoral research regarding improving how to start insider threat programs in the private sector
From: Jan Buitron <j.buitron2 () STUDENT CTUONLINE EDU>
Date: Sat, 24 Feb 2018 05:04:22 +0000
Hello all,

It is regrettable that my post was misunderstood. I have spent 3.5 years doing a literature search of peer-reviewed and authoritative literature. I have over 300 references of recommendations; that part of the research is over. The first three chapters of my dissertation are the proposal, which is approved, and the Institutional Review Board of Colorado Technical University has approved my research. What is needed is to interview people who have experience in insider threat programs.

Volunteers, please message me at: j.buitron2 () student ctuonline edu for further information.

Thank you,
Jan Buitron, Doctor of Computer Science candidate

________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Valdis Kletnieks <valdis.kletnieks () VT EDU>
Sent: Friday, February 23, 2018 8:17 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Seeking volunteers to help with doctoral research regarding improving how to start insider threat programs in the private sector

On Fri, 23 Feb 2018 22:51:07 +0000, Jan Buitron said:
There must be hundreds of recommendations for which components SHOULD be in an insider-threat program, but it is difficult to figure where to start. Most companies do not have a wheelbarrow of funds to start a program; they need to start, however.
I'll go out on a limb and say the best bang for the buck is to not try to do it from an ITSEC point of view, but approach it more broadly - everything from embezzling by people who deal with money for the company, to the person in the warehouse who's selling your spare parts on eBay, and so on.

And all these varied issues can be combatted with the same general principle: Two persons are involved. The person writing checks isn't the person balancing the books. The person moving stuff in the warehouse isn't the person doing the inventory. And so on - down to "isn't the person who's reviewing the IT security logs".

More bang for the buck because (a) a lot of the insider threats aren't IT and (b) once you get the "two persons" thing ingrained into the corporate culture and policy, it's actually pretty easy to extend to cover new/different things as needs change....