INSIDERS AND INSIDER INFORMATION: ESSENCE, THREATS, ACTIVITIES AND LEGAL RESPONSIBILITY
DOI:
https://doi.org/10.28925/2663-4023.2022.15.175185Keywords:
information security; internal threats; insider; insider information; insider threat; insider activity.Abstract
The constant development of information technologies, the growing role at the present stage of human potential create new internal threats to the information security of enterprises. The article investigates and analyzes the problems of information security associated with internal violators of companies and their insider activity. Economic reports and analytical materials allowed to determine the relevance and importance of this work. Based on scientific literature, a review of various approaches to the definition of "insider" and "insider information" was carried out. The main key indicators of the insider and signs of insider information are described. The classification of data sources for the study of insider threats is presented, among which real data of the system journal and data from social networks are allocated; analytical information with synthetic anomalies; simulated data due to the formation of stochastic models; theoretical and gaming approach. Insider threat detection algorithms are described depending on intentions, behavior, capabilities of insiders, how resources are used, as well as models involving several algorithms. The normative issues of protection of insider information from unauthorized disclosure and legal responsibility for illegal use of insider information in Ukrainian legislation are covered.
Downloads
References
2022 Ponemon Cost of Insider Threats Global Report
https://www.proofpoint.com/us/resources/threat-reports/cost-of-insider-threats
Infographic: 20 Alarming Insider Threats Statistics.
https://www.stealthlabs.com/blog/infographic-20-alarming-insider-threats-statistics/
Moore, A. P., Cappelli, D. M., Trzeciak, R. F. (2008). The “Big Picture” of Insider IT Sabotage Across U.S. Critical Infrastructures. У Insider Attack and Cyber Security (с. 17–52). Springer US. https://doi.org/10.1007/978-0-387-77322-3_3
Gheyas, I. A., Abdallah, A. E. (2016). Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis. Big Data Analytics, 1(1). https://doi.org/10.1186/s41044-016-0006-0
Pro tsinni papery ta fondovyy rynok, Zakon Ukrayiny № 3480-IV (2021) (Ukrayina). https://zakon.rada.gov.ua/laws/show/3480-15#Text
Dudorov, O.O., Kamensʹkyy, D.V. (2019). Insaydersʹka informatsiya ta kryminalʹnyy zakon: vid amerykansʹkykh realiy do yevropeysʹkykh perspektyv, Yurydychnyy naukovyy elektronnyy zhurnal, 3, 185–201. http://dspace.lduvs.edu.ua/jspui/handle/123456789/306
Nashynetsʹ-Naumova, A. (2016). Ponyattya ta oznaky insaydersʹkoyi informatsiyi yak osoblyvoho vydu informatsiyi z obmezhenym dostupom. Pidpryyemnytstvo, hospodarstvo i pravo, (4 (242)).
Council Directive 89/592/EEC of 13 November 1989 coordinating regulations on insider dealing. http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31989L0592:EN:HTML
Sayenko, V. V. (2002). Pravove rehulyuvannya vykorystannya insaydersʹkoyi informatsiyi na rynku tsinnykh paperiv [Neopubl. avtoref. dys. kand. yuryd. nauk]. KNUTSH.
Kolektyv avtoriv. (2011). Bankivsʹka entsyklopediya. TSND NBU «Znannya». ISBN. 978-966-346-923-2.
Bishop, M., Gates, C. (2008). Defining the insider threat. У the 4th annual workshop. ACM Press. https://doi.org/10.1145/1413140.1413158
Udoeyop, A. W. (2010). Cyber Profiling for Insider Threat Detection [Text]. Trace: Tennessee Research and Creative Exchange. http://trace.tennessee.edu/utk_gradthes/756
Ambre, A., Shekokar, N. (2015). Insider Threat Detection Using Log Analysis and Event Correlation. Procedia Computer Science, 45, 436–445. https://doi.org/10.1016/j.procs.2015.03.175
Homoliak, I., Toffalini, F., Guarnizo, J., Elovici, Y., Ochoa, M. (2019). Insight Into Insiders and IT. A Survey of Insider Threat Taxonomies, Analysis, Modeling, and Countermeasures. https://dl.acm.org/doi/10.1145/1413140.1413158
Yadav, Ye (2018). .Insider Information and the Limits of Insider Trading. Washington University Journal of Law & Policy, 56. https://openscholarship.wustl.edu/law_journal_law_policy/vol56/iss1/14
Kandias, M. (2017). Insider threat prediction: Psychosοcial characteristics extraction and security data science techniques on OSN OSINT. Department of Informatics Athens University of Economics & Business Athens, Greece. https://www.infosec.aueb.gr/Publications/Miltiadis%20Kandias%20PhD%20Thesis%20Site.pdf
Greitzer, F. L., Hohimer, R. E. (2011). Modeling Human Behavior to Anticipate Insider Attacks. Journal of Strategic Security, 4(2), 25–48. https://doi.org/10.5038/1944-0472.4.2.2