Inside jobs have been a source of critical threats in cyberspace. To manage such insider threats, a proper measurement approach is required for effective risk-based decision-making. The measurement approach should include insider-related information (e.g. the significance of jobs, the position level, the required authority for data, and the type of employment) in order to better measure and analyze insider risks. In this paper, we suggest an approach that takes into account the insider-related information in calculating data leakage risk of insiders in the banking sector. We implement this approach by utilizing real-world data to calculate insider risks. We present an effective risk measurement approach, which we believe can enhance decision-making process for risk management for insider threats.

• 出版日期2016