TOP
Search the Dagstuhl Website
Looking for information on the websites of the individual seminars? - Then please:
Not found what you are looking for? - Some of our services have separate websites, each with its own search option. Please check the following list:
Schloss Dagstuhl - LZI - Logo
Schloss Dagstuhl Services
Seminars
Within this website:
External resources:
  • DOOR (for registering your stay at Dagstuhl)
  • DOSA (for proposing future Dagstuhl Seminars or Dagstuhl Perspectives Workshops)
Publishing
Within this website:
External resources:
dblp
Within this website:
External resources:
  • the dblp Computer Science Bibliography


Dagstuhl Seminar 10341

Insider Threats: Strategies for Prevention, Mitigation, and Response

( Aug 22 – Aug 26, 2010 )

(Click in the middle of the image to enlarge)

Permalink
Please use the following short url to reference this page: https://www.dagstuhl.de/10341

Organizers



Summary

The Dagstuhl seminar “Insider Threats: Strategies for Prevention, Mitigation and Response” was held on August 22 – 26, 2010 (Seminar #10341,) to advance our understanding of ways of reducing insider threats. The insider threat is cited in many studies as the most serious security problem facing organizations. Insider threats are particularly difficult to deal with because insiders have legitimately empowered knowledge of the organization and its systems, and therefore malicious and benign actions by insiders are hard to distinguish

The 2010 seminar built on the results of its predecessor from 2008 (Countering Insider Threats, #08302). In this seminar we developed a shared,inter-disciplinary definition of the insider 1 and a good formulation for a taxonomy or framework that characterizes insider threats. The seminar also began to explore how organizational considerations might better be incorporated into addressing insider threats.

The purpose of the 2010 seminar was to make progress towards an integrated framework for selecting among and evaluating the impact of alternative security policies against insider threats. An integrated framework, we recognized, needs to include issues not considered in insider work before, such as the economics of insider threats, and the role of law as both a preventative and punitive instrument. We saw the need for creating and testing alternative integrated frameworks so that practitioners and researchers could make informed choices as to combinations of actions targeted at insider threats, and also the need for methods to evaluate the effectiveness of these actions.

The Dagstuhl seminar on strategies for prevention, mitigation, and response with respect to insider threats explored all these areas through discussions and presentations based on input from different and divert communities.

The purpose of the 2010 seminar was to make progress towards an integrated framework for selecting among and evaluating the impact of alternative security policies against insider threats. An integrated framework, we recognized, needs to include issues not considered in insider work before, such as the economics of insider threats, and the role of law as both a preventative and punitive instrument. We saw the need for creating and testing alternative integrated frameworks so that practitioners and researchers could make informed choices as to combinations of actions targeted at insider threats, and also the need for methods to evaluate the effectiveness of these actions.

The goal of the seminar was to develop a taxonomy for identifying insider threats and an integrated approach that allows a qualitative reasoning about the threat and the possibilities of attacks. We expected this to result allow us to develop a deeper understanding of security policies and how to evaluate them.

During the seminar, all these issues were inspected and scrutinized, resulting in a better appreciation of social and organizational factors relevant to insider threats, and addressing important questions in related areas.

We would like to thank all participants of the seminar for making it a fruitful and inspiring event—and especially Dagstuhl’s wonderful staff, for their endless efforts, both before and during the seminar, to make the stay in Dagstuhl as successful as it has been.


Participants
  • Andre Adelsbach (Telindus S.A. - Luxemburg, LU)
  • Saurabh Arora (Hasso-Plattner-Institut - Potsdam, DE)
  • Samuel Burri (IBM Research GmbH - Zürich, CH)
  • Lizzie Coles-Kemp (Royal Holloway University of London, GB) [dblp]
  • Laura Corriss (Barry University - Miami Shores, US)
  • Trajce Dimkov (University of Twente, NL) [dblp]
  • Ulrich Flegel (University of Applied Sciences - Stuttgart, DE) [dblp]
  • Carrie Gates (CA Labs - Islandia, US) [dblp]
  • Dieter Gollmann (TU Hamburg-Harburg, DE) [dblp]
  • Jose J. Gonzalez (University of Agder - Grimstad, NO)
  • Steven Greenwald (Independent Infosec Consultant, US)
  • Frank L. Greitzer (Pacific Northwest National Lab. - Richland, US) [dblp]
  • Pieter H. Hartel (University of Twente, NL) [dblp]
  • Jeffrey Hunker (Point Park University - Pittsburgh, US)
  • Erland Jonsson (Chalmers UT - Göteborg, SE)
  • Volker Kozok (Bundesministerium der Verteidigung - Bonn, DE)
  • Carl E. Landwehr (McLean, US) [dblp]
  • Gabriele Lenzini (University of Luxembourg, LU) [dblp]
  • Karl N. Levitt (University of California - Davis, US)
  • George Magklaras (University of Plymouth, GB)
  • Jan Meier (TU Hamburg-Harburg, DE)
  • Jörg Meyer (Köln, DE)
  • Vebjørn Moen (VMIT AS - Tau, NO)
  • Andrew P. Moore (Carnegie Mellon University - Pittsburgh, US) [dblp]
  • Steven Murdoch (University of Cambridge, GB)
  • Peter G. Neumann (SRI - Menlo Park, US) [dblp]
  • Richard Overill (King's College London, GB)
  • Sachar Paulus (FH Brandenburg an der Havel, DE) [dblp]
  • Dusko Pavlovic (Royal Holloway University of London, GB) [dblp]
  • Sean Peisert (University of California - Davis, US) [dblp]
  • Wolter Pieters (TU Delft, NL) [dblp]
  • Joachim Posegga (Universität Passau, DE) [dblp]
  • Christian W. Probst (Technical University of Denmark - Lyngby, DK) [dblp]
  • Kai Rannenberg (Goethe-Universität Frankfurt am Main, DE) [dblp]
  • Peter Y. A. Ryan (University of Luxembourg, LU) [dblp]
  • René Rydhof Hansen (Aalborg University, DK)
  • Martina Angela Sasse (University College London, GB) [dblp]
  • Marianthi Theoharidou (Athens University of Economics and Business, GR)
  • Claire Vishik (Intel - London, GB) [dblp]
  • Alec Yasinsac (University of South Alabama, US)
  • Lenore D. Zuck (University of Illinois - Chicago, US) [dblp]

Related Seminars
  • Dagstuhl Seminar 08302: Countering Insider Threats (2008-07-20 - 2008-07-25) (Details)
  • Dagstuhl Seminar 12501: Organizational Processes for Supporting Sustainable Security (2012-12-09 - 2012-12-12) (Details)

Classification
  • Security
  • Society
  • Modelling

Keywords
  • Insider Threat
  • Security Policies
  • Threat Modelling