A Theoretical Review: Risk Mitigation Through Trusted Human Framework for Insider Threats

Submitted by grigby1 on Tue, 12/01/2020 - 12:59pm

Title	A Theoretical Review: Risk Mitigation Through Trusted Human Framework for Insider Threats
Publication Type	Conference Paper
Year of Publication	2019
Authors	Apau, M. N., Sedek, M., Ahmad, R.
Conference Name	2019 International Conference on Cybersecurity (ICoCSec)
Date Published	Sept. 2019
Publisher	IEEE
ISBN Number	978-1-7281-5657-6
Keywords	cyclic process, enterprise risk management activities, Human Behavior, human trust, insider threats, insider threats risk, on-going process, People Process and Technology, Personnel, potential employees, pubcrawl, risk management, risk mitigation, security of data, software engineering, Trusted Computing, trusted human framework
Abstract	This paper discusses the possible effort to mitigate insider threats risk and aim to inspire organizations to consider identifying insider threats as one of the risks in the company's enterprise risk management activities. The paper suggests Trusted Human Framework (THF) as the on-going and cyclic process to detect and deter potential employees who bound to become the fraudster or perpetrator violating the access and trust given. The mitigation's control statements were derived from the recommended practices in the "Common Sense Guide to Mitigating Insider Threats" produced by the Software Engineering Institute, Carnegie Mellon University (SEI-CMU). The statements validated via a survey which was responded by fifty respondents who work in Malaysia.
URL	https://ieeexplore.ieee.org/document/8970795/
DOI	10.1109/ICoCSec47621.2019.8970795
Citation Key	apau_theoretical_2019

Groups:

Science of Security VO