Mitigating Insider Sabotage and Espionage: A Review of the United States Air Force's Current Posture [open pdf - 2MB]
"The security threat from malicious insiders affects all organizations. This problem is difficult due to the fact that there is no definitive profile for malicious insiders, organizations have placed trust in these individuals, and insiders have a vast knowledge of their organization's personnel, policies, and information systems. The purpose of this research is to analyze to what extent the United States Air Force (USAF) security policies address this problem. The policies are reviewed in terms of how well they align with best practices published by Carnegie Mellon University and additional factors this research deems important, including motivations, organizational priorities, and social networks. This research offers actionable recommendations that the USAF could implement in order to better prevent, detect, and respond to insider attacks. The most important course of action is to better utilize its workforce. All personnel should be trained on observable behaviors that can be precursors to malicious activity. Additionally, supervisors need to be the first line of defense, monitoring for stress, unmet expectations, and disgruntlement. This research also proposes three new best practices regarding screening for prior concerning behaviors, predispositions, and technical incidents; issuing sanctions for inappropriate technical acts; and requiring supervisors to take a proactive role."
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/