Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders
• Technical Note
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2013-TN-013DOI (Digital Object Identifier)
10.1184/R1/6575015.v1Topic or Tag
Abstract
This paper describes an analysis that justifies applying the pattern "Increased Review for Intellectual Property (IP) Theft by Departing Insiders." The pattern helps organizations plan, prepare, and implement a strategy to mitigate the risk of insider theft of IP. The analysis shows that organizations can reduce their risk of insider theft of IP through increased review of departing insiders' actions during a relatively small window of time prior to their departure. Preliminary research results show that approximately 70% of insider IP thieves can be caught by following the pattern's recommendation of reviewing insiders' actions for theft events during only the last two months of their employment. These results provide practical guidance for practitioners wishing to fine tune the application of the pattern for their organizations. "Increased Review for IP Theft by Departing Insiders" is part of the CERT(R) Insider Threat Center's evolving library of enterprise architectural patterns for mitigating the insider threat, based on the Center's collected data. The Center's larger goal is to foster greater organizational resilience to insider threat, using repeated application of patterns from the library.
Cite This Technical Note
Moore, A., McIntire, D., Mundie, D., & Zubrow, D. (2013, March 1). Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders. (Technical Note CMU/SEI-2013-TN-013). Retrieved December 21, 2024, from https://doi.org/10.1184/R1/6575015.v1.
@techreport{moore_2013,
author={Moore, Andrew and McIntire, David and Mundie, David and Zubrow, David},
title={Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders},
month={{Mar},
year={{2013},
number={{CMU/SEI-2013-TN-013},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6575015.v1},
note={Accessed: 2024-Dec-21}
}
Moore, Andrew, David McIntire, David Mundie, and David Zubrow. "Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders." (CMU/SEI-2013-TN-013). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, March 1, 2013. https://doi.org/10.1184/R1/6575015.v1.
A. Moore, D. McIntire, D. Mundie, and D. Zubrow, "Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2013-TN-013, 1-Mar-2013 [Online]. Available: https://doi.org/10.1184/R1/6575015.v1. [Accessed: 21-Dec-2024].
Moore, Andrew, David McIntire, David Mundie, and David Zubrow. "Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders." (Technical Note CMU/SEI-2013-TN-013). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Mar. 2013. https://doi.org/10.1184/R1/6575015.v1. Accessed 21 Dec. 2024.
Moore, Andrew; McIntire, David; Mundie, David; & Zubrow, David. Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders. CMU/SEI-2013-TN-013. Software Engineering Institute. 2013. https://doi.org/10.1184/R1/6575015.v1