Accession Number : AD1046861


Title :   The Insider Threat to Cybersecurity: How Group Process and Ignorance Affect Analyst Accuracy and Promptitude


Descriptive Note : Technical Report


Corporate Author : Naval Postgraduate School Monterey United States


Personal Author(s) : Kelly,Ryan F


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/1046861.pdf


Report Date : 01 Sep 2017


Pagination or Media Count : 303


Abstract : The recent increase in high-profile insider cyber exploits indicates that current insider threat analysis (ITA) is insufficient to handle the growing insider threat problem. Well-established academic literature agrees that information overload is a problem ITA must overcome because ITA remains a human-intensive task. Two conceptual strategies to overcome information overload include reducing information and distributing information among additional people to accommodate the load. This dissertation applies attribution theory and process loss theory to test two ITA factors: ignorance and teamwork. A laboratory experiment with a convenience sample of 48 ITA-trained, top secretcleared participants supported the research. Participants performed ITA with National Insider Threat Task Force training scenarios and applied the adjudicative guidelines for access to classified information. Teamwork conditions resulted in slightly higher accuracy at a significant cost of time, indicating that ITA analysts are best organized in different structures per informational and temporal constraints. However, ignorance level had little effect on ITA analyst accuracy. ITA analysts were substantially more accurate at implication scenarios but slightly better than chance at exoneration scenarios. Lower decision confidence associated with exoneration scenarios indicated that ITA analysts are more likely to guess when presented with an exoneration scenario. Further research involving larger independent samples and temporal constraints is necessary to verify these findings.


Descriptors :   computer network security , threats , information security , training , scenarios , CLASSIFIED MATERIALS , ORGANIZATION THEORY , data analysis , ANALYSIS OF VARIANCE , CYBER DEFENSE TECHNIQUES , cyberattacks


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE