This paper investigates insider security in organizations. Insider attacks, whether carried out knowingly or unknowingly by employees, cause significant damage, either financially or to the relationships between an organization and its customers, partners and legal entities. Employees gain sufficient access to critical information and systems in order to carry out their job mandate. The increased connectivity between employees, organizations and others operating regionally and internationally, together with sophisticated methods of conducting cyber crime, compounds the threat by increasing the ways in which confidential information can be leaked.
Theoretical framework
Organizations employ a number of strategies to help manage insider threats. These include employing security people of reputable character, using logging systems to restrict access to computing resources and physical locations, and deploying insider detection and monitoring software, among others. However, there are frequent reports of successful attacks at the very organizations that have deployed most of these controls. This points to a thorny area in the field of employee management.
Statistics indicate that organizations are losing millions of dollars in syndicates involving insiders. Cappelli et al. reported, from a survey conducted by the United States Secret Service, that as much as 20% of crimes conducted over the internet are facilitated by insiders and cause huge amounts of destruction. In addition, huge amounts of revenue, as well as a good number of employees, are lost as a result. Similar research conducted at Carnegie Mellon University pointed to organization-wide, insider-facilitated attacks that lead to huge financial burdens, exposure and misuse of personal information, and legal and reputational concerns.
General background of the study
There is considerable literature on insider attacks and cyber crime, but none of it seems to critically establish their causes or explicit ways of preventing them. William et al. document the results of a comprehensive study conducted to detect realistic insider attacks. The research is founded on applying domain knowledge to select features that can identify behaviour associated with insider attackers.
Myers et al. researched insider attacks and concluded that malicious attackers are among the most difficult to detect. This is because they are entrusted with the same access tools, and have the knowledge and skills to break security systems, manipulate them and cover their tracks. The research explored strategies for detecting insider attacks using standard tools and common event approaches.
Purpose of the study
This study aims to shed more light on insider attacks in multinational corporations. The research has the following objectives:
- It seeks to probe insider attacks in multinational corporations by employing industry-wide data
- It explores the motivations for insider attacks and whether they are related to employee factors
- It explores ways of detecting, preventing and avoiding attacks by application of industry-wide analytics
Delimitation and limitations
The study is expected to suffer from unresponsiveness of the respondents, as the information requested is critical to the management of security in the organizations. Besides, multinationals might be reluctant to report any attack so as not to upset their customers and partners. One of the probable delimitations is company laws and regulations that do not permit sharing of security and sensitive data with outsiders or strangers.
Significance of the study
The study is relevant to multinational organizations that have suffered the effects of insider attacks, as well as to policy makers, security experts and academicians. It empowers them with the skills required to stay relevant in the current age of computer cyber crime.
Methodology
This research will employ a quantitative research method. Data will be solicited via questionnaires and interviews from CIOs, employees and executives of multinational organizations.
Researcher role
The researcher will actively take part in the collection of data in the field. The researcher will be assisted by two research assistants who will be responsible for logistical activities during the interviews and distribution and collection of questionnaires.
Scope of the study
The study will focus on multinational entities operating in oil-rich Saudi Arabia, specifically foreign multinationals that conduct business and production activities in the Kingdom.
Data collection strategies
Data will be collected using structured questionnaires specifically drafted for the project. For the interviews, recording tapes will be used to eliminate distractions that might result from using writing materials.
Data analysis strategies
Collected quantitative data will be analyzed using data analytic tools such as SPSS to derive insightful information.
Data validation strategies
Data collected must be relevant to the study. In this case, a SMART approach is used, where the collected data must be specific to insider attacks, measurable, attainable, realistic and within a specific time frame.
Management plan, time and feasibility
The project will be conducted over a period of six months. Preliminary research will be conducted to determine whether relevant data can be obtained using the research methods that have been highlighted. If not, the research procedure may be altered to suit the scenarios in the field. A project plan will be developed to note major milestones and monitor the progress of the project.
Works Cited
Cappelli, D., Moore, A., Shimeall, T., Trzeciak, R. Common Sense Guide to Prevention and Detection of Insider Threats. Carnegie Mellon University, 2006.
Myers, J., Grimaila, M. R., Mills, R. Towards Insider Threat Detection Using Web Server Logs. Center for Cyberspace Research, Air Force Institute of Technology. Springer, 2009.