Insider Threat Analysis Discussion Student’s Name: Institutional Affiliation: Date: Introduction This exercise enacts an insider threat attack at XYZ Financial Corporation, and its goal is to ...

---

Insider Threat Analysis
Discussion
Student’s Name:
Institutional Affiliation:
Date:
Introduction
This exercise enacts an insider threat attack at XYZ Financial Corporation, and its goal is to raise awareness of insider motives and the techniques that may be used to steal data. The goal is twofold: first, as an assessment of the threats that insiders can leverage, and second, as a survey of the measures organizations can take to guard against such threats. Thus, this exercise demonstrates the need for an active security stance by showing insider operations and defense forms.
Identifying Valuable Data and Insider Motivation
Several forms of data are very valuable in XYZ Financial, which may entice insiders: PII, FINANCIAL DATA, and IP. Personal information such as a person's SSN or address can be used for identity theft or fraud. Official records, especially financial, contain transactions, history, and credit card details and are good for financial duplication or misuse. There is usually great business value in proprietary information, especially in the world of finance, and those secrets can be threatened by piracy, thus XYZ's market advantage. Insiders may also be driven by a desire to make a quick buck, a grudge, or simply a chance to use the exposure they gain to such information.
Data is mainly stolen for resale or personal gain by the insiders. Some might act with resentment, for instance, if t