hes would be attributed to the following sources: (Gunn, 1989, p. 62) deliberate attempts at sabotage; employee incompetence; and employee negligence. The Worker Adjustment and Retraining Notification Act (WARN) was passed in 1988. The goal of this legislation was to give workers time to seek other jobs, begin suitable training programs, and give the community a head start on the adjustment process. Computer security professionals believe that this also gives the disgruntled employee time to tamper with company computer and information systems (Betts, 1989, p. 1). This concern is most acutely perceived in the securities, banking, savings and loan, and other industries experiencing layoffs due to financial difficulties, mergers, and/or acquisitions. Certainly, one way to minimize this type of threat is to take away system access privileges from those employees due to be terminated. This would definitely impact productivity but significantly reduce the threat.
In one study, the overwhelming majority of offenders were employees or ex-employees, which reinforces the notion that those with direct system contact are more likely to commit abuses (Hoffer and Straug, 1989, p. 37). Hackers are a threat, but insiders are definitely a more pressing threat. Table I shows a breakdown of the typical offenders.
Offenders' Occupations (Hoffer and Straub, 1989, p. 38)
* Other stands for a general category of nonclerical and nonmanagerial users.
Offenders appear to have been motivated almost equally by desire for personal gain, ignorance of proper professional conduct, and misguided playfulness. A smaller group was motivated by maliciousness. Security administrators may be able to prevent, or at least limit the first three types of abuse, but they will probably not be able to deter the malicious kind. Since malice is like a crime of passion, it is more difficult to deter using the "rational inhibitors" typically available to securi...