Search the Dagstuhl Website
Looking for information on the websites of the individual seminars? - Then please:
Not found what you are looking for? - Some of our services have separate websites, each with its own search option. Please check the following list:
Schloss Dagstuhl - LZI - Logo
Schloss Dagstuhl Services
Within this website:
External resources:
  • DOOR (for registering your stay at Dagstuhl)
  • DOSA (for proposing future Dagstuhl Seminars or Dagstuhl Perspectives Workshops)
Within this website:
External resources:
Within this website:
External resources:
  • the dblp Computer Science Bibliography

Dagstuhl Seminar 08302

Countering Insider Threats

( Jul 20 – Jul 25, 2008 )

(Click in the middle of the image to enlarge)

Please use the following short url to reference this page:


Press Room

Press Reviews


The “insider threat” or “insider problem” has received considerable attention, and is cited as the most serious security problem in many studies. It is also considered the most difficult problem to deal with, because an “insider” has information and capabilities not known to other, external attackers. However, the term “insider threat” is usually either not defined at all, or defined nebulously.

The difficulty in handling the insider threat is reasonable under those circumstances; if one cannot define a problem precisely, how can one approach a solution, let alone know when the problem is solved? It is noteworthy that, despite this imponderability, definitions of the insider threat still have some common elements. For example, a workshop report defined the problem as malevolent (or possibly inadvertent) actions by an already trusted person with access to sensitive information and information systems. Elsewhere, that same report defined an insider as someone with access, privilege, or knowledge of information systems and services. Another report implicitly defined an insider as anyone operating inside the security perimeter—while already the assumption of only having a single security perimeter may be optimistic.

The goal of this Dagstuhl seminar was to bring together researchers and practitioners from different communities to discuss in a multi-national setting what the problems are we care about, what our response is, which factors influence the cost of dealing with insider threats and attacks, and so on. In a time where we barely understand which factors cause insider threats, and our solutions are scattered all over communities, areas, and instruments, this coordinated action between the involved communities seems to be needed more than ever.

This Dagstuhl seminar was, to our knowledge, the first European seminar focusing on insider threats bringing together US and European researchers and practitioners. The five days of the seminar allowed not only for a rich assortment of presentations, but even more importantly for extended discussions, both formal and informal, among the participants. We even had the opportunity for a structured exercise that challenged participants to define specific insider threats, develop the appropriate responses, and critique each others problem-solution formulation.

We would like to thank all participants of the seminar for making it a fruitful and inspiring event—and especially Dagstuhl’s wonderful staff, for their endless efforts, both before and during the seminar, to make the stay in Dagstuhl as successful as possible.

As stated above we believe that the week in Dagstuhl has been influential in heightening awareness among communities for activities and developments. During the seminar many participants expressed the wish for a community website to establish a central focal point, both for communication between communities, but also to the outside, governmental agencies, and companies. This web portal is currently under construction

  • Andre Adelsbach (Telindus S.A. - Luxemburg, LU)
  • Tuomas Aura (Microsoft Research UK - Cambridge, GB)
  • Rebecca Bace (Infidel Inc, US)
  • Matt Bishop (University of California - Davis, US) [dblp]
  • Doina Bucur (University of Oxford, GB)
  • Lizzie Coles-Kemp (RHUL - London, GB) [dblp]
  • Sophie Engle (University of California - Davis, US)
  • Ulrich Flegel (SAP SE - Karlsruhe, DE) [dblp]
  • Deborah A. Frincke (Pacific Northwest National Lab. - Richland, US)
  • Carrie Gates (CA Labs - Islandia, US) [dblp]
  • Dieter Gollmann (TU Hamburg-Harburg, DE) [dblp]
  • Jeffrey Hunker (Carnegie Mellon University, US)
  • Michael Huth (Imperial College London, GB) [dblp]
  • Jan Jürjens (The Open University - Milton Keynes, GB) [dblp]
  • Volker Kozok (Bundesministerium der Verteidigung - Bonn, DE)
  • Matias Madou (Fortify Software Inc. - San Mateo, US)
  • George Magklaras (University of Plymouth, GB)
  • Jan Meier (TU Hamburg-Harburg, DE)
  • Vebjørn Moen (Det Norske Veritas - Stavanger, NO)
  • Sean Peisert (University of California - Davis, US) [dblp]
  • Shari Lawrence Pfleeger (RAND - Arlington, US) [dblp]
  • Joel B. Predd (RAND - Pittsburgh, US)
  • Christian W. Probst (Technical University of Denmark - Lyngby, DK) [dblp]
  • Colby Raley (Strategic Analysis, Inc. - Washington, US)
  • Martina Angela Sasse (University College London, GB) [dblp]
  • Ludwig Seitz (Axiomatics AB - Kista, SE)
  • Sara Sinclair (Dartmouth College - Hanover, US)
  • Salvatore Stolfo (Columbia University, US)
  • Marianthi Theoharidou (Athens University of Economics and Business, GR)
  • Patricia Wolfhope (U. S. Department of Homeland Security - Washington, US)
  • Alec Yasinsac (University of South Alabama, US)

Related Seminars
  • Dagstuhl Seminar 10341: Insider Threats: Strategies for Prevention, Mitigation, and Response (2010-08-22 - 2010-08-26) (Details)
  • Dagstuhl Seminar 12501: Organizational Processes for Supporting Sustainable Security (2012-12-09 - 2012-12-12) (Details)

  • modelling / simulation
  • security / cryptography
  • society / HCI

  • Insider Threat
  • Security Policies
  • Threat Modelling