Accession Number : AD1046861

Title :   The Insider Threat to Cybersecurity: How Group Process and Ignorance Affect Analyst Accuracy and Promptitude

Descriptive Note : Technical Report

Corporate Author : Naval Postgraduate School Monterey United States

Personal Author(s) : Kelly,Ryan F

Full Text :

Report Date : 01 Sep 2017

Pagination or Media Count : 303

Abstract : The recent increase in high-profile insider cyber exploits indicates that current insider threat analysis (ITA) is insufficient to handle the growing insider threat problem. Well-established academic literature agrees that information overload is a problem ITA must overcome because ITA remains a human-intensive task. Two conceptual strategies to overcome information overload include reducing information and distributing information among additional people to accommodate the load. This dissertation applies attribution theory and process loss theory to test two ITA factors: ignorance and teamwork. A laboratory experiment with a convenience sample of 48 ITA-trained, top secretcleared participants supported the research. Participants performed ITA with National Insider Threat Task Force training scenarios and applied the adjudicative guidelines for access to classified information. Teamwork conditions resulted in slightly higher accuracy at a significant cost of time, indicating that ITA analysts are best organized in different structures per informational and temporal constraints. However, ignorance level had little effect on ITA analyst accuracy. ITA analysts were substantially more accurate at implication scenarios but slightly better than chance at exoneration scenarios. Lower decision confidence associated with exoneration scenarios indicated that ITA analysts are more likely to guess when presented with an exoneration scenario. Further research involving larger independent samples and temporal constraints is necessary to verify these findings.

Descriptors :   computer network security , threats , information security , training , scenarios , CLASSIFIED MATERIALS , ORGANIZATION THEORY , data analysis , ANALYSIS OF VARIANCE , CYBER DEFENSE TECHNIQUES , cyberattacks

Subject Categories : Computer Systems Management and Standards

Distribution Statement : APPROVED FOR PUBLIC RELEASE