Editor-In-Chief, Counter-Insider Threat Research and Practice (CITRAP)
I'm honored and very pleased to have been selected Editor-in-Chief of a new, peer-reviewed, journal devoted to disseminating empirical research and applied studies across the counter-insider threat research and operational communities. Because the insider threat is fundamentally a human phenomenon, our major aim in focusing the scope of the journal on social and behavioral sciences issues will help to position CITRAP as a thought-leader in the insider threat mission space.
Applying Insider Threat Ontology to an Operational Insider Threat Program
Working with Noblis, I have been serving as a subject-matter expert and consultant in applying the Sociotechnical and Organizational Factors for Insider Threat (SOFIT) ontology, developed in my previous R&D for a government client, to a real-world operational environment.
Insider Threat Research and Knowledge Engineering
This includes numerous projects on behavioral and technical indicators of malicious insider threats to information systems, spanning more than 15 years of research and development. Work with greatest impact has been the discussion of psychological/ behavioral indicators, ethical and privacy issues, and methods/metrics for evaluating effectiveness of detection systems and tools. Most recent research has focused on developing a comprehensive knowledge base of insider threat indicators that supports development of threat assessment models--the Sociotechnical and Organizational Factors for Insider Threat (SOFIT) ontology.
Unintentional Insider Threat
Conducted in collaboration with CMU/CERT, this research focused on identifying potential contributing factors associated with unintentional insider threats: individual(s) with a degree of trust and access to resources or assets within an organization, who (without malicious intent) carry out or facilitate actions that result in potential or actual harm to the organization.
Cyber Friendly Fire
This project, initiated by PNNL and conducted in collaboration with PsyberAnalytix, addressed cognitive factors,research needs, and training implications surrounding the problem of cyber friendly-fire – offensive or defensive cyber/electronic actions that unintentionally harm the mission effectiveness of friendly or neutral forces.
Cybersecurity Expertise and Workforce Development
PsyberAnalytix supported a CMU/CERT research project aiming to characterize cybersecurity expertise and to identify individuals with higher potential to excel in cybersecurity jobs. Results suggest that the most successful individuals possess not only domain-specific knowledge and skills but also certain psychological traits, and that organizational environments must facilitate expertise development.
Cybersecurity Risk Assessment
PsyberAnalytix supported this CMU/CERT research project aiming to improve the network risk assessment process by identifying cybersecurity factors that influence perception of network risk by information assurance and network security professionals. behavioral psychology it consulting information security
This "shredded puzzle" graphic, developed to describe the insider threat assessment process, has served as a conceptual model for, and has guided much of the information analysis and threat assessment research represented in the projects listed here.