National Academies Press: OpenBook

Summary of Discussions at a Planning Meeting on Cyber-Security and the Insider Threat to Classified Information (2001)

Chapter: Cyber-Security and the Insider Threat to Classified Information

Suggested Citation:"Cyber-Security and the Insider Threat to Classified Information." National Research Council. 2001. Summary of Discussions at a Planning Meeting on Cyber-Security and the Insider Threat to Classified Information. Washington, DC: The National Academies Press. doi: 10.17226/10197.
×

SUMMARY OF DISCUSSIONS AT A PLANNING MEETING ON CYBER-SECURITY AND THE INSIDER THREAT TO CLASSIFIED INFORMATION

COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD

THE NATIONAL RESEARCH COUNCIL

THE NATIONAL ACADEMIES

NOVEMBER 1–2, 2000

Chair:

Anita K.Jones, Lawrence R.Quarles Professor of Engineering and Applied Science University of Virginia

Rapporteur:

Lynette I.Millett, Program Officer and Study Director Computer Science and Telecommunications Board

This white paper summarizes the discussions of a planning meeting sponsored by the National Research Council (NRC) on November 1–2, 2000. It has not been reviewed by the National Research Council and does not reflect the institutional views of the NRC in any way.

Suggested Citation:"Cyber-Security and the Insider Threat to Classified Information." National Research Council. 2001. Summary of Discussions at a Planning Meeting on Cyber-Security and the Insider Threat to Classified Information. Washington, DC: The National Academies Press. doi: 10.17226/10197.
×

Meeting of November 1–2, 2000 on

Cyber-Security and the Insider Threat to Classified Information

CYBER-SECURITY AND THE INSIDER THREAT TO CLASSIFIED INFORMATION

In order to determine whether to conduct a study on cyber-security and the insider threat to classified information, the Computer Science and Telecommunications Board (CSTB) of the National Academies (described in Appendix A) hosted a meeting on November 1– 2, 2000 to advise CSTB on the issues that such a study might address.

Meeting participants endorsed the concept that CSTB should undertake a project that would examine high-grade threats (by definition including insider threats) to high-value information systems. Such a study should focus both on national security concerns and classified systems as well as non-classified, commercial enterprises.

The meeting was chaired by Anita K.Jones, Lawrence R.Quarles Professor of Engineering and Applied Science, the University of Virginia. The steering committee consisted of Tom Bozek, Office of the Secretary of Defense; Michael Caloyannides, Mitretek Systems; and Carl Landwehr, Mitretek Systems. Meeting participants (Appendix B) included experts in information security, law, national defense, and law enforcement. The meeting agenda is given in Appendix C.

1. Introduction

Public attention to information security today tends to focus on the problem of preventing harm that results from the actions of a hostile “outsider,” such as a hacker. However, security breaches accomplished with the cooperation of (or at the instigation of) an insider can cause significant damage. For example, an insider might be able to disable certain network security mechanisms, thereby allowing a collaborator on the outside to gain access. Or, an insider might be able to transmit electronically large volumes of sensitive information without ever being subjected to physical search. The compromised or actively hostile insider clearly presents a difficult challenge for the manager or security practitioner.

The classic insider attack in which an individual uses authorized access to a computer system to view a sensitive piece of information, memorizes it, and then divulges it at a future date in a different location seems impervious to straightforward technological solutions. However, it may be possible to develop technologies that can mitigate the damage done when such individuals use technological means to assist in the information transfer or are more interested in sabotage than espionage. Technology can also be employed that increases the likelihood that the individual will be caught. Nevertheless, dealing with the insider threat inevitably involves organizational policies, practices, and processes as well as technological approaches. For example, in an environment in which most employees are trustworthy, what policies, practices, and processes can be implemented that will help to cope effectively with the insider threat?

The CSTB meeting’s initial focus was on the threat to classified systems and information because the political and organizational issues that often arise with protection policies and practices (e.g., rights to privacy) are considerably fewer and less intense than if

Suggested Citation:"Cyber-Security and the Insider Threat to Classified Information." National Research Council. 2001. Summary of Discussions at a Planning Meeting on Cyber-Security and the Insider Threat to Classified Information. Washington, DC: The National Academies Press. doi: 10.17226/10197.
×
Page 1
Suggested Citation:"Cyber-Security and the Insider Threat to Classified Information." National Research Council. 2001. Summary of Discussions at a Planning Meeting on Cyber-Security and the Insider Threat to Classified Information. Washington, DC: The National Academies Press. doi: 10.17226/10197.
×
Page 2
Next: 1. Introduction »
Summary of Discussions at a Planning Meeting on Cyber-Security and the Insider Threat to Classified Information Get This Book
×
MyNAP members save 10% online.
Login or Register to save!

This is a summary of discussions at a planning meeting held November 1-2, 2000 to examine the prospects of initiating an NRC study on cyber-security and the insider threat to classified information. The meeting's focus was on the threat to classified systems and information because the political and organizational issues that often arise with protection policies and practices (e.g., rights to privacy) are considerably fewer and less intense than if sensitive unclassified information (especially non-governmental information) is involved. The meeting also addressed threats other than insider threats as well as non-classified computer systems.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!