Skip to main content

Exploratory R&D of a Technology-Driven Insider Threat Scoring Metric

Researchers: Andrew Moore, Randall Trzeciak

Cross Cutting Thrusts: Next Generation Threat Prediction and Response | Threat Analysis and Modeling

Abstract

Scope:  The Insider Threat metrics work will take the form of three primary research areas: 1. Analysis and grouping of technical and non-technical/behavioral precursors, and organizational issues in the Insider Threat database. 2. Ranking various combinations of selected attributes to form a preliminary matrix of ordinal insider threat matrix risk scores. 3. Test the validity of metric scores and subscores; explore how the metric could be used to create an automated monitoring system, accepting real-time feedback from widely-used enterprise tools, as part of future work.

Outcomes:  Determine the future direction of a fully-developed insider threat scoring metric.