Watching your own: The problem of insider IT misuse |
In recent years the Internet connection has become a frequent point of
Furnell SM, Phyo AH
attack for most organisations. However, the loss due to insider misuse is
far greater than the loss due to external abuse. This paper focuses on the
problem of insider misuse, the scale of it, and how it has effected the
organisations. The paper also discusses why access controls alone cannot be
used to address the problem, and proceeds to consider how techniques
currently associated with Intrusion Detection Systems can potentially be
applied for insider misuse detection. General guidelines for countermeasures
against insider misuse are also provided to protect data and systems.