Abstract
Information security risk assessment has a major role in assessing the security posture of any organisation. Risk assessment is mostly performed with focus on the external threats to the information assets rather than the insider threats. Insider attacks are caused by the insiders with privileged access rights to the information assets. Traditional security controls like encryption and policy-based access control used in organisations fail to identify the malicious insider activity. Therefore, fighting insider threats is a tough task for organisations since it is important to have a balance between the grant of required privileges to the users, and identification of malicious access by them. This paper proposes an intelligent risk aware decision support system that identifies the presence insider threats and their intensity in an organisation by quantifying the risk to assets and behaviour monitoring of users who access those assets.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: International Journal of Data Analysis Techniques and Strategies
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.