{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,12]],"date-time":"2026-06-12T16:13:47Z","timestamp":1781280827219,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":3,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,5,12]],"date-time":"2008-05-12T00:00:00Z","timestamp":1210550400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,5,12]]},"DOI":"10.1145\/1413140.1413158","type":"proceedings-article","created":{"date-parts":[[2008,9,30]],"date-time":"2008-09-30T13:03:19Z","timestamp":1222779799000},"page":"1-3","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":77,"title":["Defining the insider threat"],"prefix":"10.1145","author":[{"given":"Matt","family":"Bishop","sequence":"first","affiliation":[{"name":"UC Davis, Davis, CA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Carrie","family":"Gates","sequence":"additional","affiliation":[{"name":"CA Labs, Islandia, NY"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2008,5,12]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1146269.1146288"},{"key":"e_1_3_2_2_2_1","volume-title":"Understanding the insider threat: Proceedings of a march 2004 workshop. Technical report","author":"Brackney R.","year":"2004","unstructured":"R. Brackney and R. Anderson . Understanding the insider threat: Proceedings of a march 2004 workshop. Technical report , RAND Corporation , Santa Monica, CA , March 2004 . R. Brackney and R. Anderson. Understanding the insider threat: Proceedings of a march 2004 workshop. Technical report, RAND Corporation, Santa Monica, CA, March 2004."},{"key":"e_1_3_2_2_3_1","volume-title":"Guidance Software","author":"Patzakis J.","year":"2003","unstructured":"J. Patzakis . New incident response best practices: Patch and proceed is no longer acceptable incident response. Technical report , Guidance Software , Pasadena, CA , September 2003 . J. Patzakis. New incident response best practices: Patch and proceed is no longer acceptable incident response. Technical report, Guidance Software, Pasadena, CA, September 2003."}],"event":{"name":"CSIIRW '08: Cyber Security and Information Intelligence Research Workshop","location":"Oak Ridge Tennessee USA","acronym":"CSIIRW '08"},"container-title":["Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1413140.1413158","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1413140.1413158","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:30:12Z","timestamp":1750253412000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1413140.1413158"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,5,12]]},"references-count":3,"alternative-id":["10.1145\/1413140.1413158","10.1145\/1413140"],"URL":"https:\/\/doi.org\/10.1145\/1413140.1413158","relation":{},"subject":[],"published":{"date-parts":[[2008,5,12]]},"assertion":[{"value":"2008-05-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}