Search for collections on Wintec Research Archive

A unified classification model to insider threats to information security


[thumbnail of Article] PDF (Article)
ACIS 2020 - SP NT - A Unified Classification Model to Insider Threats to Information Security.pdf - Submitted Version

Download (492kB)


Prior work on insider threat classification has adopted a range of definitions, constructs, and terminology, making it challenging to compare studies. We address this issue by introducing a unified insider threat classification model built through a comprehensive and systematic review of prior work. An insider threat can be challenging to predict, as insiders may utilise motivation, creativity, and ingenuity. Understanding the different types of threats to information security (and cybersecurity) is
crucial as it helps organisations develop the right preventive strategies. This paper presents a thematic
analysis of the literature on the types of insider threats to cybersecurity to provide cohesive definitions
and consistent terminology of insider threats. We demonstrate that the insider threat exists on a
continuum of accidental, negligent, mischievous, and malicious behaviour. The proposed insider threat classification can help organisations to identify, implement, and contribute towards improving
their cybersecurity strategies.

Item Type: Item presented at a conference, workshop or other event, and published in the proceedings
Uncontrolled Keywords: Cybersecurity, Information security, Human Factors, Insider threats
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Schools > Centre for Business, Information Technology and Enterprise > School of Information Technology
Depositing User: Sunitha Prabhu
Date Deposited: 25 Jan 2021 20:36
Last Modified: 21 Jul 2023 09:10

Actions (login required)

View Item
View Item