INSIDERS AND INSIDER INFORMATION: ESSENCE, THREATS, ACTIVITIES AND LEGAL RESPONSIBILITY
Open Access
- 1 January 2022
- journal article
- Published by Borys Grinchenko Kyiv University in Cybersecurity: Education, Science, Technique
- Vol. 3 (15), 175-185
- https://doi.org/10.28925/2663-4023.2022.15.175185
Abstract
The constant development of information technologies, the growing role at the present stage of human potential create new internal threats to the information security of enterprises. The article investigates and analyzes the problems of information security associated with internal violators of companies and their insider activity. Economic reports and analytical materials allowed to determine the relevance and importance of this work. Based on scientific literature, a review of various approaches to the definition of "insider" and "insider information" was carried out. The main key indicators of the insider and signs of insider information are described. The classification of data sources for the study of insider threats is presented, among which real data of the system journal and data from social networks are allocated; analytical information with synthetic anomalies; simulated data due to the formation of stochastic models; theoretical and gaming approach. Insider threat detection algorithms are described depending on intentions, behavior, capabilities of insiders, how resources are used, as well as models involving several algorithms. The normative issues of protection of insider information from unauthorized disclosure and legal responsibility for illegal use of insider information in Ukrainian legislation are covered.Keywords
This publication has 6 references indexed in Scilit:
- Insight Into Insiders and ITACM Computing Surveys, 2019
- Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysisBig Data Analytics, 2016
- Insider Threat Detection Using Log Analysis and Event CorrelationProcedia Computer Science, 2015
- Modeling Human Behavior to Anticipate Insider AttacksJournal of Strategic Security, 2011
- Defining the insider threatPublished by Association for Computing Machinery (ACM) ,2008
- The “Big Picture” of Insider IT Sabotage Across U.S. Critical InfrastructuresPublished by Springer Science and Business Media LLC ,2008