Insider Threat Detection: A Solution in Search of a Problem
Loading...
Authors
Schoenherr, Jordan Richard
Thomson, Robert
Issue Date
2020-06
Type
Conference presentations, papers, posters
Language
Keywords
organization , insider threat , threat behavior , Cyber Crime
Alternative Title
Abstract
Insider threats (IT) reflect a growing concern in security communities. Despite a rapid increase in the number of papers examining IT, definitions, research methods, models, and critical evaluations are rare. The present paper provides a critical review of these issues. Definitions of insider threat have varied from general: focusing on all forms of organizational deviant behavior, to specific: focusing on individual difference and social context variables. Research methods are based on deductive principles and intuitions of subject matter experts, computational models based on social media activity, and empirical observations based on synthetic or inaccessible data sets, i.e., black data. Following a review of these considerations, we demonstrate that many existing approaches within the behavioral and social sciences can provide more solid foundations to the IT literature. Using insight from research on organizational deviant behaviour and workplace incivility, we conclude by proposing a multidimensional classification system for insider threat SIEVE: severity (S), intentionality (I), type of employee norm violation (EV), and ethicality (E).
Description
Citation
J. R. Schoenherr and R. Thomson, "Insider Threat Detection: A Solution in Search of a Problem," 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), Dublin, Ireland, 2020, pp. 1-7, doi: 10.1109/CyberSecurity49315.2020.9138862.
Publisher
IEEE