Due to the ever-growing risk of data leakage and sabotage by internal employees, insider threat detection is receiving increasing attention. Solutions are typically asset-centric and rule-based, providing limited detection capabilities and significant maintenance efforts. Content-based anomaly detection over user behavior is an alternative, but raises ethical questions that need to be addressed before deployment. In this contribution, user-centric content-based behavioral anomaly detection utilizing four ethical dimensions reveals that it requires integration with the organization's data privacy organization, a binding code of conduct for administrative personnel, integration with the organization's security incident management and continuous oversight by management.
|Number of pages||15|
|Journal||Journal of Information System Security|
|Publication status||Published - 30 Mar 2017|