A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

<p>A research project at the CERT® Program is identifying enterprise architectural patterns to protect against the insider threat to organizations. This report presents an example of such a pattern—Increased Monitoring for Intellectual Property (IP) Theft by Departing Insiders—to help organizations plan, prepare, and implement a means to mitigate the risk of insider theft of IP. Our case data shows that many insiders who stole IP did so within 30 days of their termination. Based on this insight, this pattern helps reduce that risk through increased monitoring of departing insiders during their last 30 days of employment. The increased monitoring suggested by the pattern is above and beyond what might be required for a baseline organizational detection of potentially malicious insider actions. Future work will include development of a library of enterprise architectural patterns for mitigating the insider threat based on the data we have collected. Our goal is for organizational resilience to insider threat to emerge from repeated application of patterns from the library.</p

Factors Influencing Support for Insider Threat Behaviours: Anger Rumination, Job Satisfaction, Right-Wing Authoritarianism and Depression/Anxiety

The research on insider threats is largely limited to reactive security measures, with little consideration given to the psychological profile of insider threats and those that support these types of attacks against different industries and government bodies. In two studies, we examined the roles of anger rumination, job satisfaction, depression/anxiety, and right-wing authoritarianism as predictors of insider threats. In Study 1, we considered the role of anger rumination and job satisfaction as predictors of support for insider threat activities as presented through scenarios. As predicted, results indicated that both variables were strong predictors of organisational resentment and insider threat justification, with anger rumination also acting as a predictor of insider threat proclivity. In Study 2, we examined right-wing authoritarianism and depression/anxiety as predictors of insider threats. A multiple regression analysis revealed that right-wing authoritarianism negatively correlated with support for insider threats. There was no significant relationship between either depression and/or anxiety when considering support for insider threat activities. These findings suggest that a lack of authoritarian tendencies may play a role in justifying insider threat behaviours, whereas depression and anxiety do not appear to have a direct influence