A unified classification model to insider threats to information security

Prabhu, Sunitha and Thompson, Nik (2020) A unified classification model to insider threats to information security. ACIS2020 - 31st Australasian Conference on Information Security, Wellington (Online), 1-4 December, 2020. (In Press)

PDF (Article) - Submitted Version

Official URL: https://www.acis2020.org/about

Abstract or Summary

Prior work on insider threat classification has adopted a range of definitions, constructs, and terminology, making it challenging to compare studies. We address this issue by introducing a unified insider threat classification model built through a comprehensive and systematic review of prior work. An insider threat can be challenging to predict, as insiders may utilise motivation, creativity, and ingenuity. Understanding the different types of threats to information security (and cybersecurity) is crucial as it helps organisations develop the right preventive strategies. This paper presents a thematic analysis of the literature on the types of insider threats to cybersecurity to provide cohesive definitions and consistent terminology of insider threats. We demonstrate that the insider threat exists on a continuum of accidental, negligent, mischievous, and malicious behaviour. The proposed insider threat classification can help organisations to identify, implement, and contribute towards improving their cybersecurity strategies.

Item Type: Item presented at a conference, workshop or other event, and published in the proceedings
Keywords that describe the item: Cybersecurity, Information security, Human Factors, Insider threats
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Schools > Centre for Business, Information Technology and Enterprise > School of Information Technology
ID Code: 7678
Deposited By:
Deposited On: 25 Jan 2021 20:36
Last Modified: 25 Jan 2021 20:36
