The CERT® Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)

Chapter 4. Insider Fraud

Insider fraud: an insider’s use of IT for the unauthorized modification, addition, or deletion of an organization’s data (not programs or systems) for personal gain, or the theft of information that leads to an identity crime (identity theft, credit card fraud) [Weiland 2010].

Identity crime: the misuse of personal or financial identifiers in order to gain something of value and/or facilitate some other criminal activity.¹

1. This definition comes from the Secret Service Web site: www.secretservice.gov/criminal.shtml.

We have two questions for you to consider. First, do you handle information that could be used to commit identity theft or credit card fraud? What would the repercussions be if that information was stolen? ...

Get The CERT® Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The CERT® Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) by Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak

Chapter 4. Insider Fraud

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly