A Unified Classification Model of Insider Threats to Information Security.
MetadataShow full item record
Prior work on insider threat classification has adopted a range of definitions, constructs, and terminology, making it challenging to compare studies. We address this issue by introducing a unified insider threat classification model built through a comprehensive and systematic review of prior work. An insider threat can be challenging to predict, as insiders may utilise motivation, creativity, and ingenuity. Understanding the different types of threats to information security (and cybersecurity) is crucial as it helps organisations develop the right preventive strategies. This paper presents a thematic analysis of the literature on the types of insider threats to cybersecurity to provide cohesive definitions and consistent terminology of insider threats. We demonstrate that the insider threat exists on a continuum of accidental, negligent, mischievous, and malicious behaviour. The proposed insider threat classification can help organisations to identify, implement, and contribute towards improving their cybersecurity strategies.
Showing items related by title, author, creator and subject.
Munshi, Asmaa; Issa, Tomayess (2012)Threat from internal sources is one of the most serious problems organizations word-wide encounter nowadays as it is difficult to overcome. Currently, all organizations and sectors are facing the insider threats' problems ...
Lozano, F.; Atkins, K.; Moreno Sáiz, J.; Sims, A.; Dixon, Kingsley (2013)Step changes in threat category can be quantified and analyzed in relation to reasons for the change or threat intensity in Red List classifications. First, we studied the reasons contributing to changes in the conservation ...
Munshi, Asmaa Mahdi (2013)This study investigates the factors that influence the insider threat behaviour. The research aims to develop a holistic view of insider threat behaviour and ways to manage it. This research adopts an Explanatory Mixed ...