No dark corners : defending against insider threats to critical infrastructure
MetadataShow full item record
An adversary who makes a frontal attack can be anticipated or repulsed. An adversary who attacks from within, however, cannot be so readily countered. This study intends to identify defenses against trust betrayers targeting critical infrastructure. Using a Delphi method, the study develops insights of experts from more mature arenas of defense against insider threats, such as workplace violence and counter-espionage, in order to assist infrastructure stewards with defending against the insider threat to critical infrastructure. The findings uncover flaws in institutional defenses that adversaries can exploit, with infiltrators posing a greater threat than disgruntled insiders. Resulting recommendations run counter to accepted wisdom. These recommendations shape the contours of a No Dark Corners approach that applies and extends seminal theories of Newman's Defensible Space and Kelling's Fixing Broken Windows. No Dark Corners replaces a laser for a flashlight. The laser is a narrow beam of workplace monitoring only by corporate sentinels, or security specialists. The flashlight is a broader beam of employee engagement and monitoring on the front lines at the team level. There are no easy answers. No Dark Corners shows promise in filling the gaps in traditional insider defenses to deliver the victory of ownership over surprise.