IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Enhancing Information Security: A Qualitative Risk Analysis Method for Overcoming the Insider Threat

Enhancing Information Security: A Qualitative Risk Analysis Method for Overcoming the Insider Threat
View Free PDF
Author(s): Patricia Y. Logan (Marshall University, USA) and Allen C. Clarkson (Independent Consultant, USA)
Copyright: 2005
Pages: 4
Source title: Managing Modern Organizations Through Information Technology
Source Editor(s): Mehdi Khosrow-Pour (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59140-822-2.ch052

Abstract

A number of recent studies document that “the insider” is a significant risk to information security. The results of these studies suggest that a new approach be used to assess, inform, train, manage and mitigate the risk from insider intrusion. An improved method is proposed for assessing risk and applying appropriate controls: a qualitative approach using an insider-based risk assessment (IBRA). This paper explores the risks from insiders, how insiders evade technology, an exploration of the traditional means of quantitative security assessment, and proposes a new method designed to improve the identification of risk from insiders, improve security, and apply controls appropriate to the insider threat.

Body Bottom