1. Responded to message below. Should be at least 250 words. Responses should be informative and contribute to advancing knowledge of the topic. Include at least 2 APA-cited references.
Frank, Greitzer & Holimer (2011) makes powerful augments about the difficulties surrounding the trail before the fact. I agree with them. It really is difficult to determine if threats are bogus and if they should be taken seriously. However, once a threat is made it must be taken seriously and that it is highly possible for the individual to carry out their plan. It is also difficult to know the individual’s state of mind or if the individual has psychological issues. Frank, Greitzer & Holimer (2011) states, “there are several factors that should taken into consideration regarding picking up the trail before the fact, (a) the lack of sufficient real-world data that has “ground truth” adequate scientific verification and validate of proposed solutions; (b) the difficulty in distinguishing between malicious insider behavior and what can be described as normal or legitimate behavior (c) the potential quantity of data, and the resultant number of “associations” or relationships that may emerge produce enormous scalability challenges; and (d) despite ample evidence suggesting that in a preponderance of cases, the perpetrator exhibited observable ‘concerning behaviors’. All threats should be taken into account and noted as warning signals and reported to the proper authorities.
Sometimes the most damage is done by individuals who had a personal insight into the company or one who became disgruntled. They know the outs an ins of the organization and how to cause the most damage. I also agree that the methods and skills of the perpetrators have changed in recent years. With all of the new technology, the generations have become wiser and smarter. Therefore, all threats should be observed.
2. Responded to message below. Should be at least 250 words. Responses should be informative and contribute to advancing knowledge of the topic. Include at least 2 APA-cited references.
What Frank, Greitzer & Hohimer (2011) argue about difficulties of picking up the trail before the fact, in order to provide time to intervene and prevent an insider cyber attack?
I agree with Greitzer and Hohimer that insider threat is a serious concern for cyber security that has to be addressed successfully. Unfortunately this is much easier said than done. The nature of insider threat makes it very difficult to detect and as Grietzer and Hohimer (2011) point out, there is a lack of real world data, it is difficult to differentiate between normal and abnormal behavior, there would be scalability challenges in data collected and no one has really decided to tackle this issue with technology yet (p.27). This means that devising a way to identify an insider threat prior to that insider launching an attack is a task that will not be easy to complete. That doesn’t mean that this is not a goal that we should be working towards, quite the opposite actually. This is something that should be given attention and professionals should be working on methods that can help catch insider threats before the damage is done.
Do you agree with them? Why? Why not?
I do agree with Greitzer and Hohimer that insider threat is a big problem. I also agree that there is a lack of data that can be used to help identify patterns and help develop methods and technology that can catch insider threat early. I have to admit that much of what they discussed in the article was a bit over my head. I don’t fully understand how the technology they discussed would work and I also can’t say that I believe that a technological solution would the perfect solution for this issue. Humans can be very unpredictable. This means that any technology developed to be an early identifier of insider threat will not work every time. I do think that more often than not there will be indicators prior to an insider attack occurring but there is always that chance that someone just snaps. With that being said I do think that there should still be research and work done to mitigate the risk of insider attacks.
Quantification: 2 Pages