search menu icon-carat-right cmu-wordmark

A Preliminary Model of Insider Theft of Intellectual Property

June 2011 Technical Note
Andrew P. Moore, Dawn Cappelli, Thomas C. Caron (John Heinz III College, School of Information Systems Management, Carnegie Mellon University), Eric D. Shaw, Derrick Spooner, Randall F. Trzeciak

In this report, the authors describe general observations about and a preliminary system dynamics model of insider crime based on our empirical data.

Publisher:

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2011-TN-013

Abstract

A study conducted by the CERT Program at Carnegie Mellon University’s Software Engineering Institute analyzed hundreds of insider cyber crimes across U.S. critical infrastructure sectors. Follow-up work involved detailed group modeling and analysis of 48 cases of insider theft of intellectual property. In the context of this paper, insider theft of intellectual property includes incidents in which the insider’s primary goal is stealing confidential or proprietary information from the organization. This paper describes general observations about and a preliminary system dynamics model of this class of insider crime based on our empirical data. This work generates empirically based hypotheses for validation and a basis for identifying mititgative measures in future work.