A digital forensic investigation model for insider misuse

It is no longer a hidden fact, that insider misuse, either intentional of unintentional, constitutes grave consequence to business continuity. Detection and prediction of such misuse are however facing practical setbacks, due in part to the relative proximity of an insider to organizational assets, as well as human dynamics in relation to societal dynamics. The Saying of "prevention is better than cure" thus becomes the best option for such misuse mitigation. One way of prevention is deterrence, through investigative capability. This research therefore presents an investigation model for insider misuse mitigation. This model can be strictly applied for identification of the insider emergence, as well as for identification of misuse activities from an insider action. Implementing this model in forensic process can be a breakthrough for digital forensics in insider misuse occurrences