Prevention: the Missing Link for Managing Insider Threat in the Intelligence Community
Author | : David Charney |
Publisher | : |
Total Pages | : 40 |
Release | : 2018-12-03 |
ISBN-10 | : 1790718368 |
ISBN-13 | : 9781790718368 |
Rating | : 4/5 (368 Downloads) |
Download or read book Prevention: the Missing Link for Managing Insider Threat in the Intelligence Community written by David Charney and published by . This book was released on 2018-12-03 with total page 40 pages. Available in PDF, EPUB and Kindle. Book excerpt: This is the third and final paper in the NOIR White Paper trilogy on Insider Threats. The previous white paper proposed an off-ramp exit solution, which does not yet exist, for those who have crossed the line. Quoting Sun Tzu: "Always leave your enemy an exit." Extending the logic, why not off-ramp exits, meaning robust prevention mechanisms, for BEFORE they cross the line? Security breaches and other insider threat events are the endpoints that indicate a failure occurred somewhere along the sequence of links in security chains. These links are the protective measures intended to counter potentially disastrous breaches. Breaches are proof that the links failed.Failed security chains in the Intelligence Community (IC) should be analyzed the same way the National Transportation Safety Board (NTSB) goes about studying aircraft disasters. The NTSB seeks to understand how each link failed in chains that resulted in disasters and whether protective links that should have been built into security chains were simply missing. This new paper asserts that there are two critical missing links in Intelligence Community security chains. These missing links can be described as two types of off-ramp exits: exits for BEFORE someone crosses the line and exits for AFTER someone crosses the line. The absence of these two links in IC security chains weakens effective management of IC insider threat. If both missing links were added to the considerable number of existing and planned detection links--which at present seem to be the only game in town-- a full spectrum solution would come into existence for the comprehensive management of insider threat. This paper is proposes how to achieve this full spectrum solution.