| Insider Threat Basics | p. 1 |
| What Is There to Worry About? | p. 3 |
| Introduction | p. 4 |
| The Devil Inside | p. 4 |
| The Importance of Insider Threat | p. 5 |
| Why the Insider Threat Has Been Ignored | p. 17 |
| Why the Insider Threat Is Worse Than the External Threat | p. 19 |
| The Effect of Insider Threats on a Company | p. 21 |
| How Bad Is It-Statistics on What Is Happening | p. 23 |
| Targets of Attack | p. 35 |
| The Threat Is Real | p. 37 |
| New World Order | p. 42 |
| Future Trends | p. 43 |
| Summary | p. 48 |
| Behind the Crime | p. 49 |
| Introduction | p. 50 |
| Overview of Technologies | p. 58 |
| Information Extraction | p. 59 |
| Hidden Files | p. 60 |
| Network Leakage | p. 77 |
| Cryptography | p. 84 |
| Steganography | p. 88 |
| Malicious Acts | p. 91 |
| The Human | p. 92 |
| Summary | p. 96 |
| Government | p. 101 |
| State and Local Government Insiders | p. 103 |
| Introduction | p. 104 |
| Threats You May Face | p. 105 |
| Incidents | p. 113 |
| Case Study: Using Insider Access to Sell Private | |
| Information | p. 118 |
| Case Studies: Theft of Electronic Benefits | p. 121 |
| Case Study: Lottery Fraud | p. 125 |
| Case Study: Clerk Steals More Than $4.9M from Estates | p. 128 |
| Prosecution Statistics | p. 136 |
| Summary | p. 143 |
| Endnotes | p. 144 |
| Federal Government | p. 145 |
| Introduction | p. 147 |
| Threats | p. 148 |
| Case Study: IRS Employee Appeals Conviction of Wire Fraud | p. 151 |
| Case Study: FBI Employee Discloses Sensitive Files to Family and Friends | p. 155 |
| Case Study: FBI Employee Accesses Computer System without Authorization | p. 157 |
| Case Study: Department of Energy Employee Provides Price List to Competition | p. 158 |
| Case Study: Time Fraud in the Patent and Trademark Office | p. 160 |
| Case Study: Time Fraud in the Department of Commerce | p. 161 |
| Case Study: Time Fraud in the Defense Intelligence Agency | p. 163 |
| Case Study: Time Fraud in Defense Security Services | p. 164 |
| Case Study: Time Fraud Using False Jury Duty Claims | p. 165 |
| Case Study: Government Credit Card Fraud in the State Department | p. 166 |
| Case Study: Government Credit Card Fraud in the U.S. Attorney's Office | p. 168 |
| Case Study: Department of Agriculture Employee Commits Massive Visa Fraud | p. 169 |
| Case Study: State Department Employee Commits Massive Visa Fraud | p. 171 |
| Case Study: United States Border Patrol and Customs Agents Smuggle Drugs | p. 172 |
| Case Study: NLM Programmer Creates Backdoor in Medical Computer System | p. 173 |
| Case Study: CIA and FBI Traitors | p. 175 |
| Case Study: Disgruntled Coast Guard Employee Deletes Database Records | p. 182 |
| Summary | p. 184 |
| Endnotes | p. 185 |
| Corporations | p. 187 |
| Commercial | p. 189 |
| Introduction | p. 191 |
| Threats | p. 192 |
| United States Code Relevant to Insider Threat | p. 197 |
| Summary | p. 238 |
| Endnotes | p. 238 |
| Banking and Financial Sector | p. 241 |
| Introduction | p. 242 |
| Threats | p. 244 |
| Legal Regulations | p. 269 |
| Summary | p. 273 |
| Government Subcontractors | p. 275 |
| Introduction | p. 276 |
| Threats | p. 277 |
| Summary | p. 291 |
| Endnotes | p. 291 |
| Analysis | p. 293 |
| Profiles of the Insider Threat | p. 295 |
| Introduction | p. 296 |
| General Types of Profiling | p. 297 |
| Base Profile | p. 299 |
| Limitations | p. 314 |
| High-End Profile | p. 318 |
| Categories of Inside Attacks | p. 321 |
| Foreign Intelligence | p. 324 |
| Stance | p. 324 |
| Summary | p. 326 |
| Response: Technologies That Can Be Used to Control the Insider Threat | p. 329 |
| Introduction | p. 330 |
| Understanding and Prioritizing Critical Assets | p. 331 |
| Defining Acceptable Level of Loss | p. 332 |
| Controlling Access | p. 334 |
| Bait: Honeypots and Honeytokens | p. 335 |
| Die Pad for Data | p. 337 |
| Mole Detection | p. 339 |
| Profiling | p. 340 |
| Monitoring | p. 342 |
| Anomaly Detection | p. 346 |
| Signature Analysis | p. 347 |
| Thin Clients | p. 349 |
| Policy, Training, and Security Awareness | p. 350 |
| Background Checks | p. 351 |
| Summary | p. 351 |
| Survivability | p. 353 |
| Introduction | p. 354 |
| Risk | p. 354 |
| Limiting Failure Points | p. 367 |
| Increasing Redundancy | p. 369 |
| Controlling and Limiting Access | p. 374 |
| Psychosocial Factors | p. 377 |
| Educating Employees | p. 378 |
| Reacting to Insider Threat | p. 380 |
| Summary | p. 384 |
| Index | p. 385 |
| Table of Contents provided by Ingram. All Rights Reserved. |
