An information system may be regarded as an organized set of resources, both technological and human. Security should take this specificity into consideration in order to ensure the overall security of information systems. The security of information systems is usually tackled from a technological perspective. This book proposes to focus on information systems' security not only from a technological perspective, but also from a human, managerial and organizational perspective.
Dr. Pierre-Emmanuel Arduin, Associate Professor, Université Paris-Dauphine, France. Cédric Campo-Paysaa, Security Consultant.
List of Figures
List of Scenarios
Preface
Introduction

Part 1. Information Systems: Technologies and People

Chapter 1. Components with Known Purposes: Technologies
1.1. Up to the end of the 19th Century: decreasing transmission time
1.2. From the end of the 19th Century: decreasing processing time
1.3. From the end of the 20th Century: facing massification

Chapter 2. Components with Interpretive Aspects: People
2.1. Tacit knowing or, how do we know?
2.1.1. The existence of tacit knowledge
2.1.2. Sense-giving and sense-reading: knowledge is tacit
2.2. The interpretative framework, the filter through which we create our knowledge
2.2.1. A tool for tacit knowing
2.2.2. The different types of interpretative frameworks
2.2.3. The commensurability of interpretative frameworks
2.3. The concept of incommensurability
2.3.1. From partial communication to incommensurability
2.3.2. Language – linking words to nature
2.3.3. Revolution – changing the meaning of words
2.4. Mental models, representations of reality
2.4.1. Incomplete representations
2.4.2. Cognitive representations
2.4.3. Shared mental models
2.4.4. Explaining mental models

Part 2. The Insider Threat

Chapter 3. The Three Categories of Insider Threats

Chapter 4. Unintentional
4.1. The quality of the stolen information
4.2. The case of apparently insignificant information that has hidden value
4.3. The case of information that can simply be asked for
4.4. The case of the information that will help you

Chapter 5. Intentional and Non-Malicious
5.1. Conflict between productivity and security
5.2. Workarounds, a factor for innovation or risk
5.2.1. Workarounds are an innovation
5.2.2. Workarounds are a risk
5.3. On non-malicious violations
5.3.1. Intentional behavior
5.3.2. Personal benefit without malicious intent
5.3.3. Voluntary breaking of the rules
5.3.4. Possible damage or risk to security

Chapter 6. Intentional and Malicious
6.1. The information is known; why not exploit it?
6.2. Organizational environment and cognitive processes of committing the act
6.2.1. For the organization, deterrence prevents maliciousness
6.2.2. For the employee, moral disengagement justifies maliciousness
6.3. Ease of deterrence

Conclusion
Bibliography
Index