Chapter 4. Insider Fraud

Insider fraud: an insider’s use of IT for the unauthorized modification, addition, or deletion of an organization’s data (not programs or systems) for personal gain, or the theft of information that leads to an identity crime (identity theft, credit card fraud) [Weiland 2010].

Identity crime: the misuse of personal or financial identifiers in order to gain something of value and/or facilitate some other criminal activity.1

1. This definition comes from the Secret Service Web site: www.secretservice.gov/criminal.shtml.

We have two questions for you to consider. First, do you handle information that could be used to commit identity theft or credit card fraud? What would the repercussions be if that information was stolen? ...

Get The CERT® Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.