The insider threat - understanding the aberrant thinking of the rogue" Trusted Agent"

Abstract

A deficiency exists in the Information Systems Security literature because of the paucity of research aimed at understanding the mind of the insider criminal . Much of the academic and popular press focuses on external breaches but the greatest danger to an organisation lurks within. Whatever the motivation, the trusted agent inside the organisation has the potential to do more damage than an anonymous outsider and it is by increasing our understanding of this threat that we will get greater value for our defence efforts. While acknowledging that a significant number of security incidents are attributable to employees, it is important to remember in an organisational context, that simply increasing security controls and sanctions has previously been shown to be counterproductive. Therefore this research-in-progress takes the approach of increasing our understanding of how such offenders think, through a synthesis of Rational Choice Theory, Deterrence Theory, Neutralisation Theory and elements from Criminological Theory. In deliberately prioritising problems that are important in practice and basing our measures on these priorities we will improve on the contextual relevance of previous studies in this area, thereby making a solid contribution to the field.