CyLab

Distinguished Seminar: Sum of All Fears: Status of Two Decades of Modeling Insider Threat Risk with Frank Greitzer

October 08, 2018

11:30 a.m. - 12:30 p.m. ET

CIC, Panther Hollow Room

Frank Greitzer
Principal Scientist and founder
PsyberAnalytix

This event is part of the CyLab Distinguished Seminar Series.

Abstract

Insiders who seek to destroy, steal, or leak sensitive information pose a serious threat to enterprises. An insider threat is an individual with authorized access to an organization’s network, system, or data and who intentionally (or unintentionally) misuses that access to negatively affect the confidentiality, integrity, or availability of the organization’s information or information systems. Annual industry surveys consistently show that insiders pose the second greatest cybersecurity threat, exceeded only by hackers, and that insider attacks are the costliest to organizations. Spanning nearly two decades of research, a strong theme of my research has been to develop insider threat models that integrate relevant human behavioral and psychological factors with technical factors associated with host and network cybersecurity monitoring systems.

This lecture will discuss research on sociotechnical factors for insider threat and continuing challenges to identify, integrate, and validate cyber and behavioral indicators of insider threat risk into effective detection and mitigation approaches. I will describe a comprehensive ontology of sociotechnical and organizational factors for insider threat (SOFIT) and the current state of research attempting to define qualitative and quantitative models for insider threat assessment. Also discussed are several possible tech-transfer application concepts to show how the ontology may be used by the insider threat research and operational communities.

Speaker Bio

Frank GreitzerFrank L. Greitzer, Ph.D., is owner and Principal Scientist of PsyberAnalytix, which performs consulting in applied cognitive and behavioral systems engineering and analysis, with a focus on cybersecurity and insider threat domains. Dr. Greitzer holds a PhD degree in Mathematical Psychology with specialization in memory and cognition and a BS degree in Mathematics.  His current research interests are in characterizing human behavioral factors to help identify and mitigate insider threats to IT enterprises. Most recently, he has been leading a multidisciplinary group of researchers to develop a comprehensive ontology to support enterprise modeling for insider threat assessment, which is the focus of today’s lecture. Prior to founding PsyberAnalytix in 2012, Dr. Greitzer served as a Chief Scientist at the Department of Energy’s Pacific Northwest National Laboratory, where he conducted R&D in human-information analysis for diverse problem domains and led the R&D focus area of Cognitive Informatics, which addresses human factors and social/behavioral science challenges through modeling and advanced engineering/computing approaches.  Dr. Greitzer has chaired or served on several conference and workshop program committees in cybersecurity and insider threat, and he serves as a peer reviewer for several journals in cybersecurity and computer security domains.

Upcoming Events