A behavioral theory of insider-threat risks: A system dynamics approach

A behavioral theory of insider-threat risks: A system dynamics approach

The authors describe a behavioral theory of the dynamics of insider-threat risks. Drawing on data related to information technology security violations and on a case study created to explain the dynamics observed in that data, the authors constructed a system dynamics model of a theory of the develo...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:ACM Trans. Model. Comput. Simul. J 2008-04, Vol.18 (2), p.1-27
Hauptverfasser: Martinez-Moyano, Ignacio J., Rich, Eliot, Conrad, Stephen, Andersen, David F., Stewart, Thomas R.
Format: Artikel
Sprache:eng
Schlagworte:
97
BEHAVIOR
COMPUTER NETWORKS
COMPUTERIZED SIMULATION
GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
SABOTAGE
SECURITY
SYSTEMS ANALYSIS
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The authors describe a behavioral theory of the dynamics of insider-threat risks. Drawing on data related to information technology security violations and on a case study created to explain the dynamics observed in that data, the authors constructed a system dynamics model of a theory of the development of insider-threat risks and conducted numerical simulations to explore the parameter and response spaces of the model. By examining several scenarios in which attention to events, increased judging capabilities, better information, and training activities are simulated, the authors theorize about why information technology security effectiveness changes over time. The simulation results argue against the common presumption that increased security comes at the cost of reduced production.
ISSN:1049-3301
1558-1195
DOI:10.1145/1346325.1346328