PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
January 2009

Insider threat mitigation and detection: A model for committing fraud

On almost any given day you can find a news story about an employee who has gone bad and committed fraud or damaged an organization. Insider threat is a timeless problem. It's always been there and it always will be there. Why? Because companies need to trust their employees in order to stay in business. The most widely accepted model for explaining why people commit fraud is the fraud triangle created by noted criminologist and sociologist Dr. Donald Cressey in the early 1950s. According to Cressey, three factors must be present at the same time in order for someone to commit a security breach: pressure or motivation, rationalization and opportunity. Today's electronic society has changed this model. In Cressey's time the incentive was mostly financial, but now there are many other reasons why a person may bypass security or commit fraud. In the early days of IT, hackers wanted fame or were just curious to see if they could pull off an exploit. These days the motive may be revenge against the company or an employee, which is ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

  • Product Review: Cenzic Hailstorm Enterprise ARC 5.7

    Web application security has moved from a niceto- have to a must-have requirement, for data protection and compliance. Cenzic's Hailstorm, which we last reviewed in 2005, reflects the growth in the depth and maturity of Web application vulnerability assessment software.

  • Product Review: GoldKey Secure USB Token

    The GoldKey Secure USB Token works with Windows and Macintosh operating systems to provide a secure place to stash encryption keys for virtual disks. By keeping encryption keys on a small, removable USB token, GoldKey simplifies the task of locking away important information on laptops and encourages good security behaviors.

  • Product Review: Hedgehog Enterprise 2.2

    Eight years after the release of Microsoft SQL 2000, we're still looking for help from bolt-on security product vendors to harden and protect critical production database servers. Sentrigo's Hedgehog Enterprise 2.2 is designed to monitor and protect against known and unknown database threats.

Columns in this issue