A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches

Jason R.C. Nurse; Philip A. Legg; Oliver Buckley; Ioannis Agrafiotis; Gordon Wright; Monica Whitty; David Upton; Michael Goldsmith; Sadie Creese

doi:10.1007/978-3-319-07620-1_24

A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches

Jason R.C. Nurse, Philip A. Legg, Oliver Buckley, Ioannis Agrafiotis, Gordon Wright, Monica Whitty, David Upton, Michael Goldsmith, Sadie Creese

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

21 Citations (Scopus)

Abstract

Organisations today operate in a world fraught with threats, including "script kiddies", hackers, hacktivists and advanced persistent threats. Although these threats can be harmful to an enterprise, a potentially more devastating and anecdotally more likely threat is that of the malicious insider. These trusted individuals have access to valuable company systems and data, and are well placed to undermine security measures and to attack their employers. In this paper, we engage in a critical reflection on the insider threat in order to better understand the nature of attacks, associated human factors, perceptions of threats, and detection approaches. We differentiate our work from other contributions by moving away from a purely academic perspective, and instead focus on distilling industrial reports (i.e., those that capture practitioners' experiences and feedback) and case studies in order to truly appreciate how insider attacks occur in practice and how viable preventative solutions may be developed.

Original language	English
Title of host publication	Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings
Publisher	Springer-Verlag London Ltd.
Pages	270-281
Number of pages	12
ISBN (Print)	9783319076195
DOIs	https://doi.org/10.1007/978-3-319-07620-1_24
Publication status	Published - 2014
Externally published	Yes
Event	International Conference on Human Aspects of Information Security, Privacy, and Trust 2014 - Heraklion, Crete, Greece Duration: 22 Jun 2014 → 27 Jun 2014 Conference number: 2nd https://link.springer.com/book/10.1007/978-3-319-07620-1

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	8533
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Conference on Human Aspects of Information Security, Privacy, and Trust 2014
Abbreviated title	HAS 2014
Country/Territory	Greece
City	Heraklion, Crete
Period	22/06/14 → 27/06/14
Internet address	https://link.springer.com/book/10.1007/978-3-319-07620-1

Keywords

detection approaches
human factors
insider threats
survey reports
technical and psychological indicators

Access to Document

10.1007/978-3-319-07620-1_24

Cite this

Nurse, J. R. C., Legg, P. A., Buckley, O., Agrafiotis, I., Wright, G., Whitty, M., Upton, D., Goldsmith, M., & Creese, S. (2014). A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches. In Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings (pp. 270-281). (Lecture Notes in Computer Science; Vol. 8533). Springer-Verlag London Ltd.. https://doi.org/10.1007/978-3-319-07620-1_24

Nurse, Jason R.C. ; Legg, Philip A. ; Buckley, Oliver et al. / A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches. Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings. Springer-Verlag London Ltd., 2014. pp. 270-281 (Lecture Notes in Computer Science).

@inproceedings{2a50802e7671446e8be8172d0a011876,

title = "A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches",

abstract = "Organisations today operate in a world fraught with threats, including {"}script kiddies{"}, hackers, hacktivists and advanced persistent threats. Although these threats can be harmful to an enterprise, a potentially more devastating and anecdotally more likely threat is that of the malicious insider. These trusted individuals have access to valuable company systems and data, and are well placed to undermine security measures and to attack their employers. In this paper, we engage in a critical reflection on the insider threat in order to better understand the nature of attacks, associated human factors, perceptions of threats, and detection approaches. We differentiate our work from other contributions by moving away from a purely academic perspective, and instead focus on distilling industrial reports (i.e., those that capture practitioners' experiences and feedback) and case studies in order to truly appreciate how insider attacks occur in practice and how viable preventative solutions may be developed.",

keywords = "detection approaches, human factors, insider threats, survey reports, technical and psychological indicators",

author = "Nurse, {Jason R.C.} and Legg, {Philip A.} and Oliver Buckley and Ioannis Agrafiotis and Gordon Wright and Monica Whitty and David Upton and Michael Goldsmith and Sadie Creese",

year = "2014",

doi = "10.1007/978-3-319-07620-1_24",

language = "English",

isbn = "9783319076195",

series = "Lecture Notes in Computer Science",

publisher = "Springer-Verlag London Ltd.",

pages = "270--281",

booktitle = "Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings",

address = "Germany",

note = "International Conference on Human Aspects of Information Security, Privacy, and Trust 2014, HAS 2014 ; Conference date: 22-06-2014 Through 27-06-2014",

url = "https://link.springer.com/book/10.1007/978-3-319-07620-1",

}

Nurse, JRC, Legg, PA, Buckley, O, Agrafiotis, I, Wright, G, Whitty, M, Upton, D, Goldsmith, M & Creese, S 2014, A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches. in Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings. Lecture Notes in Computer Science, vol. 8533, Springer-Verlag London Ltd., pp. 270-281, International Conference on Human Aspects of Information Security, Privacy, and Trust 2014, Heraklion, Crete, Greece, 22/06/14. https://doi.org/10.1007/978-3-319-07620-1_24

A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches. / Nurse, Jason R.C.; Legg, Philip A.; Buckley, Oliver et al.
Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings. Springer-Verlag London Ltd., 2014. p. 270-281 (Lecture Notes in Computer Science; Vol. 8533).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches

AU - Nurse, Jason R.C.

AU - Legg, Philip A.

AU - Buckley, Oliver

AU - Agrafiotis, Ioannis

AU - Wright, Gordon

AU - Whitty, Monica

AU - Upton, David

AU - Goldsmith, Michael

AU - Creese, Sadie

N1 - Conference code: 2nd

PY - 2014

Y1 - 2014

N2 - Organisations today operate in a world fraught with threats, including "script kiddies", hackers, hacktivists and advanced persistent threats. Although these threats can be harmful to an enterprise, a potentially more devastating and anecdotally more likely threat is that of the malicious insider. These trusted individuals have access to valuable company systems and data, and are well placed to undermine security measures and to attack their employers. In this paper, we engage in a critical reflection on the insider threat in order to better understand the nature of attacks, associated human factors, perceptions of threats, and detection approaches. We differentiate our work from other contributions by moving away from a purely academic perspective, and instead focus on distilling industrial reports (i.e., those that capture practitioners' experiences and feedback) and case studies in order to truly appreciate how insider attacks occur in practice and how viable preventative solutions may be developed.

AB - Organisations today operate in a world fraught with threats, including "script kiddies", hackers, hacktivists and advanced persistent threats. Although these threats can be harmful to an enterprise, a potentially more devastating and anecdotally more likely threat is that of the malicious insider. These trusted individuals have access to valuable company systems and data, and are well placed to undermine security measures and to attack their employers. In this paper, we engage in a critical reflection on the insider threat in order to better understand the nature of attacks, associated human factors, perceptions of threats, and detection approaches. We differentiate our work from other contributions by moving away from a purely academic perspective, and instead focus on distilling industrial reports (i.e., those that capture practitioners' experiences and feedback) and case studies in order to truly appreciate how insider attacks occur in practice and how viable preventative solutions may be developed.

KW - detection approaches

KW - human factors

KW - insider threats

KW - survey reports

KW - technical and psychological indicators

UR - http://www.scopus.com/inward/record.url?scp=84903700931&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-07620-1_24

DO - 10.1007/978-3-319-07620-1_24

M3 - Conference Paper

AN - SCOPUS:84903700931

SN - 9783319076195

T3 - Lecture Notes in Computer Science

SP - 270

EP - 281

BT - Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings

PB - Springer-Verlag London Ltd.

T2 - International Conference on Human Aspects of Information Security, Privacy, and Trust 2014

Y2 - 22 June 2014 through 27 June 2014

ER -

Nurse JRC, Legg PA, Buckley O, Agrafiotis I, Wright G, Whitty M et al. A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches. In Human Aspects of Information Security, Privacy, and Trust - Second International Conference, HAS 2014, Held as Part of HCI International 2014, Proceedings. Springer-Verlag London Ltd. 2014. p. 270-281. (Lecture Notes in Computer Science). doi: 10.1007/978-3-319-07620-1_24

A critical reflection on the threat from human insiders - its nature, industry perceptions, and detection approaches

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Cite this