Learn about information system misuse by insiders, countermeasures, measuring effectiveness, survey methodology, results, and conclusions. Discover the significance of security awareness programs, policies, and preventive software in deterring misuse.
DETERRING INTERNAL INFORMATION SYSTEMS MISUSE • EECS711: Security Management and Audit, Spring 2010 • Presenter: Amit Dandekar • Instructor: Dr. Hossein Saiedian
Contents • Information system misuse by insiders • Countermeasures • Measuring the effectiveness of countermeasures • Survey methodology • Survey results • Survey conclusions • Conclusion
Information system misuse by insiders • Misuse of information system (IS) resources is largely the result of intentional actions by legitimate users • One study found that 70% of breaches involving losses of more than 100K were internal • Misuse results in financial loss and other negative consequences • Misuse is likely to persist because users are becoming more sophisticated and attack tools are readily available
Countermeasures • Procedural controls: security policy, security awareness programs • Technical controls: computer monitoring software, preventive security software
Measuring the effectiveness of countermeasures • The survey studies the deterrent effect of these four countermeasures on users' IS misuse intentions • Web-based survey • 579 users from eight organizations across a variety of industries • 44% of respondents were from organizations with 10,000 or more employees • Two parts: measure users' awareness of each countermeasure, then measure the effect of that awareness on IS misuse intentions
Survey methodology • Awareness of the four security countermeasures measured on seven-point scales (one = strongly disagree, seven = strongly agree) • Intention to misuse IS resources measured as the self-reported likelihood of engaging in misuse behavior
Survey results • Respondents were least aware of security awareness programs • Security awareness programs: strongest deterrent effect on IS misuse intentions • Security policy: significant deterrent effect • Preventive security software: significant deterrent effect • Computer monitoring software: no significant deterrent effect
Survey conclusion • Security awareness programs deserve a larger share of the security budget than the other countermeasures: they had the strongest deterrent effect yet were the least deployed • Security policy statements and guidelines are an effective deterrent • Introduce employees to the policies as early as possible and display them prominently
Survey conclusion • Preventive security software is a significant deterrent because it increases users' perceived risk of being detected • This deterrent effect is above and beyond the software's core protective function • Organizations should make a concerted effort to tell employees about the technical controls protecting IS resources, e.g. by providing real-time feedback while a user constructs a password
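The real-time password-construction feedback named above, worked through as an added Python example; this code is not part of the original deck or of the D'Arcy and Hovav paper. The policy thresholds (12 characters, 3 character classes), the tiny list of common passwords and the function names are assumptions chosen for illustration. The point it shows is that a preventive control becomes visible to the user at the moment of action: each keystroke returns the reasons the candidate is still rejected, rather than a silent failure after submission.

```python
"""Real-time password feedback, a small preventive control that is visible to the user.

Added example. Thresholds, the common-password sample and all names are assumptions.
"""
import re
from dataclasses import dataclass, field
from typing import List

MIN_LENGTH = 12   # assumed policy minimum length
MIN_CLASSES = 3   # assumed minimum number of character classes out of four

# Constructed stand-in for a breached/common-password list. A real deployment
# would load a large list; this sample exists only so the example runs offline.
COMMON_PASSWORDS = {"password", "password1", "123456", "qwerty", "letmein", "welcome1"}

CHARACTER_CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")


@dataclass
class Feedback:
    """Result of one policy check: acceptable, plus one actionable message per violation."""
    acceptable: bool
    messages: List[str] = field(default_factory=list)


def check_password(candidate: str, username: str = "") -> Feedback:
    """Evaluate a candidate password and explain every rule it still violates."""
    msgs: List[str] = []

    if len(candidate) < MIN_LENGTH:
        msgs.append(f"Use at least {MIN_LENGTH} characters ({len(candidate)} so far).")

    classes = sum(1 for pat in CHARACTER_CLASSES if re.search(pat, candidate))
    if classes < MIN_CLASSES:
        msgs.append(
            f"Mix at least {MIN_CLASSES} of: lowercase, uppercase, digits, symbols ({classes} so far)."
        )

    if candidate.lower() in COMMON_PASSWORDS:
        msgs.append("This password appears on a list of commonly used passwords.")

    # Reject passwords that embed the account name (only for usernames long enough to matter).
    if username and len(username) >= 3 and username.lower() in candidate.lower():
        msgs.append("Do not include your username.")

    # Three or more identical characters in a row ("aaa", "!!!") are a weak filler pattern.
    if re.search(r"(.)\1{2,}", candidate):
        msgs.append("Avoid three or more repeated characters in a row.")

    return Feedback(acceptable=not msgs, messages=msgs)


def live_feedback(keystrokes: str, username: str = "") -> List[Feedback]:
    """Simulate per-keystroke feedback by evaluating every prefix the user has typed."""
    return [check_password(keystrokes[:i], username) for i in range(1, len(keystrokes) + 1)]


def first_acceptable_length(keystrokes: str, username: str = "") -> int:
    """Length at which the typed password first satisfied the policy, or -1 if it never did."""
    for length, fb in enumerate(live_feedback(keystrokes, username), start=1):
        if fb.acceptable:
            return length
    return -1


if __name__ == "__main__":
    typed = "Tr0ub4dor&3xyz"  # constructed sample input
    for length, fb in enumerate(live_feedback(typed, "alice"), start=1):
        status = "OK " if fb.acceptable else "NO "
        print(f"{status}{typed[:length]:<16} {'; '.join(fb.messages)}")
    print("first acceptable at length:", first_acceptable_length(typed, "alice"))
```

In a real form the `check_password` call would run on each input event and the `messages` list would be rendered next to the field; the important design choice is that every message names the rule and what to change, which is what makes the control noticeable to the user in the way the survey conclusion describes.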
Survey conclusion • Computer monitoring software is not a significant deterrent • Users do not equate being monitored with being caught • Users doubted that audit logs were reviewed regularly • Users doubted that any punishment would be severe
Conclusion • Three countermeasures significantly deter users' IS misuse intentions: security awareness programs, security policy, and preventive security software • Monitoring end-user activity has the least effect • A combination of proactive (awareness, policy) and preventive (technical) measures is most effective in deterring users from IS misuse
References • D'Arcy, J. and Hovav, A. (2007). Deterring internal information systems misuse. Communications of the ACM 50(10), 113–117.