Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
2Activity
0 of .
Results for:
No results containing your search query
P. 1
Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders

Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders

Ratings: (0)|Views: 7 |Likes:
This paper describes an analysis that justifies applying the pattern “Increased Review for Intellectual Property (IP) Theft by Departing Insiders.” The pattern helps organizations plan, prepare, and implement a strategy to mitigate the risk of insider theft of IP. The analysis shows that organizations can reduce their risk of insider theft of IP through increased review of departing insiders’ actions during a relatively small window of time prior to their departure. Preliminary research results show that approximately 70% of insider IP thieves can be caught by following the pattern’s recommendation of reviewing insiders’ actions for theft events during only the last two months of their employment. These results provide practical guidance for practitioners wishing to fine tune the application of the pattern for their organizations. “Increased Review for IP Theft by Departing Insiders” is part of the CERT(R) Insider Threat Center’s evolving library of enterprise architectural patterns for mitigating the insider threat, based on the Center’s collected data. The Center’s larger goal is to foster greater organizational resilience to insider threat, using repeated application of patterns from the library.
This paper describes an analysis that justifies applying the pattern “Increased Review for Intellectual Property (IP) Theft by Departing Insiders.” The pattern helps organizations plan, prepare, and implement a strategy to mitigate the risk of insider theft of IP. The analysis shows that organizations can reduce their risk of insider theft of IP through increased review of departing insiders’ actions during a relatively small window of time prior to their departure. Preliminary research results show that approximately 70% of insider IP thieves can be caught by following the pattern’s recommendation of reviewing insiders’ actions for theft events during only the last two months of their employment. These results provide practical guidance for practitioners wishing to fine tune the application of the pattern for their organizations. “Increased Review for IP Theft by Departing Insiders” is part of the CERT(R) Insider Threat Center’s evolving library of enterprise architectural patterns for mitigating the insider threat, based on the Center’s collected data. The Center’s larger goal is to foster greater organizational resilience to insider threat, using repeated application of patterns from the library.

More info:

Categories:Types, Research
Published by: Software Engineering Institute Publications on Mar 19, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

04/09/2013

pdf

text

original

 
 Justification of a Pattern for DetectingIntellectual Property Theft by DepartingInsiders
 Andrew P. MooreDavid McIntireDavid MundieDavid Zubrow
March 2013TECHNICAL NOTE
CMU/SEI-2013-TN-013
CERT
 ® 
ProgramSoftware Engineering Process Management Program
 
 
SEI markings v3.2 / 30 August2011
Copyright 2013 Carnegie Mellon UniversityThis material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of theSoftware Engineering Institute, a federally funded research and development center.Any opinions, findings and conclusions or recommendations expressed in this material are thoseof the author(s) and do not necessarily reflect the views of the United States Department of Defense.This report was prepared for theSEI Administrative AgentAFLCMC/PZE20 Schilling Circle, Bldg 1305, 3rd floor Hanscom AFB, MA 01731-2125 NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWAREENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS.CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO,WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLONUNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TOFREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.This material has been approved for public release and unlimited distribution except as restricted below.Internal use:* Permission to reproduce this material and to prepare derivative works from thismaterial for internal use is granted, provided the copyright and “No Warranty” statements areincluded with all reproductions and derivative works.External use:* This material may be reproduced in its entirety, without modification, and freelydistributed in written or electronic form without requesting formal permission. Permission isrequired for any other external and/or commercial use. Requests for permission should be directedto the Software Engineering Institute at permission@sei.cmu.edu.* These restrictions do not apply to U.S. government entities.Carnegie Mellon
®
and CERT
®
are registered in the U.S. Patent and Trademark Office byCarnegie Mellon University.DM-0000112
 
 
CMU/SEI-2013-TN-013
|
i
 
Table of Contents
Acknowledgments v
 
Abstract vii
 
1
 
Introduction 1
 
2
 
Background 3
 
3
 
Summary of the Subject Pattern 5
 
3.1
 
Context 5
 
3.2
 
Problem 5
 
3.3
 
Solution 5
 
3.4
 
Expected Benefits 6
 
4
 
Research Questions and Hypothesis 7
 
4.1
 
Research Questions 7
 
4.2
 
Hypothesis 7
 
5
 
Case Selection and Coding Procedures 10
 
5.1
 
Case Selection Criteria 10
 
5.2
 
Coding Procedures 11
 
6
 
Preliminary Analysis Results 12
 
7
 
Conclusion 15
 
Appendix
 
Structure of the Solution Described by the Pattern 17
 
References 19
 

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->