Insider Threats: The Analysis using Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

Authors

  • Luqman Hakim

Keywords:

Unintentional Insider Threat, Insider Threat, SME, Risk Assessment, Human Element, OCTAVE.

Abstract

A good document management can lead to a good management of cybersecurity [1] specially to prevent ransomware. Ransomware is one of the cybersecurity threats that locks the computer via encryptions and one of the ways to prevent ransomware is to detect the existence of insider threats [2].  In a study, insider threats are defined as people who work in the company, have access to the system and take intentional or unintentional actions that affect the IT system [3].  According to Ponemon Institute data, the frequency of insider threats went up 47% between 2018 and 2020, and the cost of these occurrences raised to $11.45 million. The study additionally showed that it usually takes organizations 77 days to contain an event regarding an insider threat. The statistics are concerning, and organizations need to be ready to deal with this threat [4]. For the recent years (2020 to 2022), it was increased again by 44% [5]. A study suggests that one factor in insider threats is user habits / behaviour [6]. This is what underlies this research and writing to determine user behaviour in these small companies so that they can determine whether an insider threat really exists or not by conducting a risk assessment [7].

 

Downloads

Published

2024-07-15