Data Theft: A Prototypical Insider Threat

  • Michael McCormick
Part of the Advances in Information Security book series (ADIS, volume 39)


The author is the lead information security architect at one of the United States’ largest banks. In this paper he assesses the threat of confidential data leakage, focusing on its most virulent form – insider data theft attacks. Technological and procedural controls typically found in enterprise environments are reviewed and found inadequate. Additional controls are proposed, and several areas for additional technical research are also suggested.


Sensitive Data Identity Theft Customer Data Debit Card Inside Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Randazzo M R, Keeney M, Kowalski E, Cappelli D, Moore A, Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector, United States Secret Service, 2004.Google Scholar
  2. [2]
    Henry T., Controlling Information with Network Content Filtering; Burton Group.Google Scholar
  3. [3]
    Proctor P, Mogull R.. and Oullet E., Magic Quadrant for Content Monitoring and Filtering and Data Loss Prevention, 2Q07 Gartner Inc.Google Scholar
  4. [4]
    Penn J. and Raschke T.., The Forrester Wave®texttrademark : Information Leak Prevention, Q4 2006; Forrester Research.Google Scholar
  5. [5]
    Yuhanna N. and Julian T., Securing Your Data from Insider Threats June 2007 seminar; Forrester Research.Google Scholar
  6. [6]
    Cappelli D., D., Moore, A, and Shaw E., A Risk Mitigation Model: Lessons Learned From Actual Insider Sabotage, Carnegie Mellon CERT; Proceedings CSI 2006.Google Scholar
  7. [7]
    Wilson B., Information Security: A Critical Competency, Carnegie Mellon CERT; Proceedings FSTC 2007.Google Scholar
  8. [8]
    2007 ARO/FSTC Workshop on Insider Attack and Cyber Security (IACS07),∼ insider/Google Scholar
  9. [9]
    Human Behavior, Insider Threat, and Awareness Project Institute for Information Infrastructure Protection (I3P), Scholar
  10. [10]
    FS-ISAC Information Leak Survey, Privately conducted survey, results distributed to members only. (Direct inquiries to the author or the consortium).Google Scholar
  11. [11]
    FSTC Leak Prevention Survey, Privately conducted survey, results distributed to members only. (Direct inquiries to the author or the consortium).Google Scholar
  12. [12]
    2006 E-Crime Watch Survey CSO Magazine with the U.S. Secret Service, CERT®textregistered Coordination Center and Microsoft Corp.Google Scholar
  13. [13]
    Externalization of Entitlements, Privately published white paper; direct inquiries to the author.Google Scholar
  14. [14]
    California law SB1386 serves as the model for other state and federal breach disclosure legislation. Scholar
  15. [15]
    Plastic Card Industry Data Security Council, Scholar
  16. [16]
    Google APIs for search (and other services) documented at Scholar
  17. [17]
    Johnson, M.E. and Dynes, S., Dartmouth College; Proceedings Workshop on the Economics of Information Security, 2007.Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2008

Authors and Affiliations

  • Michael McCormick
    • 1
  1. 1.professor of history at Harvard UniversityMinneapolis

Personalised recommendations