Contextualising the insider threat: a mixed method study
MetadataShow full item record
This item's downloads: 128 (view details)
Browne, Sean, Lang, Michael, & Golden, William. (2016). Contextualising the insider threat: a mixed method study. Paper presented at the 11th Pre-ICIS Workshop on Information Security and Privacy (SIGSEC), Dublin, Ireland, 10 December.
The insider threat is potentially the most damaging and costly threat to organisations, and while there is a considerable body of literature aimed at understanding this phenomenon, we contend that the theories contained in such literature are most beneficial if they can be utilised in a way that is contextually relevant. Our research, and this paper, is specifically focussed on developing and improving this contextual validity. We find that malicious acts arising from disgruntlement are perceived as very real problems in practice. We also present a current list of non-malicious aberrant behaviours and show how they rank in relative seriousness to one another. Given that the primary motivation for conducting this study is the view that reliance on the traditional conceptualisation of a boundary or perimeter is no longer viable, our essential contribution lies in devising a series of vignettes that empirically reflect this current contextual validity.