Contextualising the insider threat: a mixed method study
View/ Open
Date
2016-12-10Author
Browne, Sean
Lang, Michael
Golden, William
Metadata
Show full item recordUsage
This item's downloads: 163 (view details)
Recommended Citation
Browne, Sean, Lang, Michael, & Golden, William. (2016). Contextualising the insider threat: a mixed method study. Paper presented at the 11th Pre-ICIS Workshop on Information Security and Privacy (SIGSEC), Dublin, Ireland, 10 December.
Abstract
The insider threat is potentially the most damaging and costly threat to organisations, and
while there is a considerable body of literature aimed at understanding this phenomenon, we
contend that the theories contained in such literature are most beneficial if they can be utilised
in a way that is contextually relevant. Our research, and this paper, is specifically focussed on
developing and improving this contextual validity. We find that malicious acts arising from
disgruntlement are perceived as very real problems in practice. We also present a current list
of non-malicious aberrant behaviours and show how they rank in relative seriousness to one
another. Given that the primary motivation for conducting this study is the view that reliance
on the traditional conceptualisation of a boundary or perimeter is no longer viable, our
essential contribution lies in devising a series of vignettes that empirically reflect this current
contextual validity.