商品簡介
An adversary who attacks an organization from within can prove fatal to the organization and is generally impervious to conventional defenses. Drawn from the findings of an award-winning thesis, Managing the Insider Threat: No Dark Corners is the first comprehensive resource to use social science research to explain why traditional methods fail against these trust betrayers. In this groundbreaking book, author Nick Catrantzos identifies new management, security, and workplace strategies for categorizing and defeating insider threats.
The book begins with problem definition and research findings that lead to the "No Dark Corners" strategy for addressing insider threats. With these foundational underpinnings, the book then examines agents of change within the workplace—namely, key players in positions to effectively support or undermine the No Dark Corners strategy, including corporate sentinels and leaders affecting application of this approach.
From there, the author goes on to examine key areas where No Dark Corners-style engagement can make a difference in the way an institution counters insider threats—through rethinking background investigations, recognizing deception, and using lawful disruption. Moving progressively from the theoretical to the practical in applying the strategy within an organizational framework, the book looks at implementation challenges and offers a framework for introducing new insider defense insights into an organization.
Each chapter offers questions to stimulate discussion and exercises or problems suitable for team projects. This practical resource enables those charged with protecting an organization from internal threats to circumvent these predators before they jeopardize the workplace and sabotage business operations.
作者簡介
Nick Catrantzos teaches homeland security and emergency management for the School of Management, University of Alaska, Fairbanks. Formerly a security director for a large public utility and critical infrastructure, he previously directed operations for two international security consultancies, Control Risks and Kroll Associates, and led public sector vulnerability assessments under ManTech Security Technologies. In 2009, he graduated from the Naval Postgraduate School’s Homeland Security Master’s Program, where he won top writing honors for his thesis on insider threats. As an intelligence collector, he was awarded the Meritorious Service Medal for outstanding service to two government agencies.
目次
DIAGNOSTICSThe Problem and Limits of Accepted Wisdom The Problem Terms of Reference Historical Approaches Implications New Research and Contrarian Findings Delphi Research on Insider Threat Alternative Analysis Takes Shape The Alternative Balancing Trust and Transparency: The Copilot Model Comparison with Other Security Strategies KEY PLAYERSAgents of Change—Corporate Sentinels Key Activities Corporate Sentinels Agents of Change—Leaders and Copilots Leadership’s Attitude to Sentinels and Insider Threat Defenses Where to Begin Why Leaders Falter The Issue–Attention Cycle Meets Insider Threats Alternative Approach MAKING A DIFFERENCERethinking Background Investigations Traditional Background Investigation Process Identity Verification What Gets Investigated and How Credentials and Credibility Where Blurred Accountability Comes with a Price Other Red Flags Often Unseen Adjudication of Adverse Findings Transformational Opportunities with a No Dark Corners Approach Case Study: A David Takes on Goliath in Pre-Employment Background Investigations An Overlooked Problem: Investigating the Nonemployee Access the Real Issue Deception and the Insider Threat Deception’s Role Inadequacy of Defenses Representative Methods for Detecting Deception What Do Polygraph Examiners Know about Deception? The Reid Technique The WZ Method Scientific Content Analysis Other Techniques for Detecting Deception Cross-Examination Behavioral Detection The Deceiver’s Edge What Makes a Good Liar No Dark Corners Applications Where to Expect Deception from Trust Betrayers The Infiltrator’s Deception The Disgruntled Insider’s Deception The Detection Dilemma Context-Based Anomaly Detection At Least Ask Know Your World Start Somewhere The What-If Discussion Sample Scenarios Deception’s Role in Scenarios Lawful Disruption of the Insider Threat What Is Lawful Disruption? Defender Dilemmas Three Biases of Authorities That Risk Undermining the Institution Deciding How Far to Go Risks in Failure Analysis and Problem Solving Representative Options: What Defenders Can Do Themselves Techniques of Lawful Disruption by Employee Level Techniques Based on Exploiting Disruptive Behaviors Already in the Workplace The Layered Offense Comparative Observations Practice A Distress Call and Unpredicted Turn of Events Potential Outcomes Sequence of Actual Outcomes Lessons Learned Existential Insider Threats First Things First Protecting People and Property Defender’s Advantage in Dealing with Infiltrators Spillover Effects from Defending against Existential Insiders The Big Three Existential Insider Threats Sabotage with Cascading Impacts Decapitation Attacks through Assassination Espionage Yielding Decisive Victory Problems of Threshold and Accumulation Aligning Existential Threat Defense with the DHS What Makes It an Existential Threat? Assistance with Evaluating Existential Magnitude DHS Protective Security Advisors Local Task Force Entities with a Protective Mandate Red Teaming Defined Where to Recruit Red Team Members Red Teaming Value to Countering Existential Insider Threats Red Team Members from Within Drawing from the Risk or Vulnerability Assessment Team Red Teaming More for Existential than Nonexistential Threats Worse Case and Worst Case Scenarios When Red Team or Special Resources Are Not an Option Avoiding Warning Fatigue Other Insider Threats Cyber Attacks—Insider or Other Threats? Threats of Violence Exploiting Employer Assets for Gain Unifying Themes and Need for a Systematic Approach to Lesser Insider Threats The Threat Scale Application of Threat Scale to Insider Threats by Category Special Cases Misguided Redeemers Fleeting or Occasional Insider Threats—A Nebulous Category of Others Extortion as Another Indirect Threat Lessons of One-Off Cases Implication of Changing Workplace Dynamics for Insider Threats The Shamrock Organization as Incubator for No Dark Corners A Final Caution: Instant Intimacy and Insider Threats Consulting for No Dark Corners Implementation The Inside–Outside Dilemma Recommended: Outside Diagnosis, Hybrid Prescriptions, InternalImplementation Institutional Insertion Points for a No Dark Corners Program Where to Begin Fees, Compensation, and Effectiveness Making Change Happen Engaging 101: Some Features of Starting a No Dark Corners Assignment Delivering 101: Some Ways of Navigating a No Dark Corners Assignment Findings 101: Common Findings to Expect in a No Dark CornersConsulting Engagement Disengaging 101: Drawing the Assignment to a Close The Laser and the Flashlight Checking the Flashlight’s Bulb and Battery ANSWER GUIDE APPENDICESINDEX