A human factors contribution to countering insider threats: practical prospects from a novel approach to warning & avoiding

Mils Hills, Anjali Anjali

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Any organisation is susceptible to a breach of security from outside: hacking, product contamination, theft of intellectual property and so on. Although all of these are risks to an organisation and can be highly deleterious to its financial health and reputation, the threat posed by a malevolent insider can be even more challenging. Whilst there has been a large quantity of academic articles and industry surveys produced on the theme of Insider Threats - the majority of this published work is descriptive or details the effects of insiders’ actions. This paper provides initial thoughts around some practical and pragmatic steps to being to gain clarity on the challenge of insider threat and how organisations may draw on novel approaches to grow early warning, response and mitigation against Insider Threats. The paper also discusses the importance of security culture and risk communication.
Original languageEnglish
JournalSecurity Journal
Volume30
Issue number1
DOIs
Publication statusPublished - 16 Feb 2017

Fingerprint

threat
risk communication
larceny
intellectual property
environmental pollution
reputation
pragmatics
industry
health

Keywords

  • Insider threat
  • nudge
  • sentinel events
  • early warning
  • weak signals
  • cyber-security
  • cyber-enabled security

Cite this

@article{bfe738cbe1514e818bba3ea4dcb8fb9b,
title = "A human factors contribution to countering insider threats: practical prospects from a novel approach to warning & avoiding",
abstract = "Any organisation is susceptible to a breach of security from outside: hacking, product contamination, theft of intellectual property and so on. Although all of these are risks to an organisation and can be highly deleterious to its financial health and reputation, the threat posed by a malevolent insider can be even more challenging. Whilst there has been a large quantity of academic articles and industry surveys produced on the theme of Insider Threats - the majority of this published work is descriptive or details the effects of insiders’ actions. This paper provides initial thoughts around some practical and pragmatic steps to being to gain clarity on the challenge of insider threat and how organisations may draw on novel approaches to grow early warning, response and mitigation against Insider Threats. The paper also discusses the importance of security culture and risk communication.",
keywords = "Insider threat, nudge, sentinel events, early warning, weak signals, cyber-security, cyber-enabled security",
author = "Mils Hills and Anjali Anjali",
year = "2017",
month = "2",
day = "16",
doi = "10.1057/sj.2015.36",
language = "English",
volume = "30",
journal = "Security Journal",
issn = "0955-1662",
publisher = "Palgrave Macmillan Ltd.",
number = "1",

}

A human factors contribution to countering insider threats: practical prospects from a novel approach to warning & avoiding. / Hills, Mils; Anjali, Anjali.

In: Security Journal, Vol. 30, No. 1, 16.02.2017.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - A human factors contribution to countering insider threats: practical prospects from a novel approach to warning & avoiding

AU - Hills, Mils

AU - Anjali, Anjali

PY - 2017/2/16

Y1 - 2017/2/16

N2 - Any organisation is susceptible to a breach of security from outside: hacking, product contamination, theft of intellectual property and so on. Although all of these are risks to an organisation and can be highly deleterious to its financial health and reputation, the threat posed by a malevolent insider can be even more challenging. Whilst there has been a large quantity of academic articles and industry surveys produced on the theme of Insider Threats - the majority of this published work is descriptive or details the effects of insiders’ actions. This paper provides initial thoughts around some practical and pragmatic steps to being to gain clarity on the challenge of insider threat and how organisations may draw on novel approaches to grow early warning, response and mitigation against Insider Threats. The paper also discusses the importance of security culture and risk communication.

AB - Any organisation is susceptible to a breach of security from outside: hacking, product contamination, theft of intellectual property and so on. Although all of these are risks to an organisation and can be highly deleterious to its financial health and reputation, the threat posed by a malevolent insider can be even more challenging. Whilst there has been a large quantity of academic articles and industry surveys produced on the theme of Insider Threats - the majority of this published work is descriptive or details the effects of insiders’ actions. This paper provides initial thoughts around some practical and pragmatic steps to being to gain clarity on the challenge of insider threat and how organisations may draw on novel approaches to grow early warning, response and mitigation against Insider Threats. The paper also discusses the importance of security culture and risk communication.

KW - Insider threat

KW - nudge

KW - sentinel events

KW - early warning

KW - weak signals

KW - cyber-security

KW - cyber-enabled security

U2 - 10.1057/sj.2015.36

DO - 10.1057/sj.2015.36

M3 - Article

VL - 30

JO - Security Journal

JF - Security Journal

SN - 0955-1662

IS - 1

ER -