A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

A research project at the CERT® Program is identifying enterprise architectural patterns to protect against the insider threat to organizations. This report presents an example of such a pattern—Increased Monitoring for Intellectual Property (IP) Theft by Departing Insiders—to help organizations plan, prepare, and implement a means to mitigate the risk of insider theft of IP. Our case data shows that many insiders who stole IP did so within 30 days of their termination. Based on this insight, this pattern helps reduce that risk through increased monitoring of departing insiders during their last 30 days of employment. The increased monitoring suggested by the pattern is above and beyond what might be required for a baseline organizational detection of potentially malicious insider actions. Future work will include development of a library of enterprise architectural patterns for mitigating the insider threat based on the data we have collected. Our goal is for organizational resilience to insider threat to emerge from repeated application of patterns from the library.

PDF [183 KB]

Authors

Andrew P. Moore

Michael Hanley

Dave Mundie

This report is related to the following area(s) of work:

Security and Survivability

Technical Report
CMU/SEI-2012-TR-008
April 2012

Cite This Report

SEI:

Moore, Andrew; Hanley, Michael; & Mundie, David. A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders (CMU/SEI-2012-TR-008). Software Engineering Institute, Carnegie Mellon University, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12tr008.cfm

IEEE:

A. Moore, M. Hanley, and D. Mundie, "A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Report CMU/SEI-2012-TR-008, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12tr008.cfm

APA:

Moore, A., Hanley, M., & Mundie, D. (2012). A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders (CMU/SEI-2012-TR-008). Retrieved June 20, 2013, from the Software Engineering Institute, Carnegie Mellon University website: http://www.sei.cmu.edu/library/abstracts/reports/12tr008.cfm

CHI:

Moore, Andrew, Michael Hanley, and David Mundie. A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders (CMU/SEI-2012-TR-008). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2012. http://www.sei.cmu.edu/library/abstracts/reports/12tr008.cfm

MLA:

Moore, A., Hanley, M., & Mundie, D. 2012. A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders (Technical Report CMU/SEI-2012-TR-008). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/reports/12tr008.cfm

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us

info@sei.cmu.edu

412-268-5800

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.