Percolation Model of Insider Threats to Assess the Optimum Number of Rules
Jeremy Kepner, Vijay Gadepally, Pete Michaleas
TL;DR
This paper models the impact of rules on insider threats using a percolation framework, identifying optimal regulation levels to balance security and functionality in organizational environments.
Contribution
It introduces a Toy Model of work environments linked to a 1D percolation model, revealing regimes of regulation and providing a method to estimate optimal rule numbers.
Findings
Four regulation regimes identified: under, possibly optimal, tipping-point, over-regulated.
Model mapping allows generalization to complex systems.
Estimating N and Lmin can determine an environment's regulation regime.
Abstract
Rules, regulations, and policies are the basis of civilized society and are used to coordinate the activities of individuals who have a variety of goals and purposes. History has taught that over-regulation (too many rules) makes it difficult to compete and under-regulation (too few rules) can lead to crisis. This implies an optimal number of rules that avoids these two extremes. Rules create boundaries that define the latitude an individual has to perform their activities. This paper creates a Toy Model of a work environment and examines it with respect to the latitude provided to a normal individual and the latitude provided to an insider threat. Simulations with the Toy Model illustrate four regimes with respect to an insider threat: under-regulated, possibly optimal, tipping-point, and over-regulated. These regimes depend up the number of rules (N) and the minimum latitude (Lmin)…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.