Start Date

11-8-2016

Description

Malicious insiders continuously pose a great threat to organizations. With their knowledge about the organization, they could launch the attack more easily, resulting more devastating impacts compared to attackers from outside. Literature about the prevention and mitigation of malicious insider threat is limited and most of the extant research treat malicious insiders as a homogeneous group, classifying malicious insiders into categories without empirical testing. We argue that we could not effectively mitigate the malicious insider threats without a full understanding of the taxonomy of malicious insiders. The current study shows that malicious insiders differ in their personal dispositions, also, subtypes of malicious insiders are correlated with certain types of attacks. This research contributes in two closely related aspects: theoretically, findings in this research support the heterogeneity of subjects in malicious insider research; practically, results suggest organizations should employ various protocols to deal with different types of malicious insiders.

Share

COinS
 
Aug 11th, 12:00 AM

Taxonomy of Malicious Insiders: A Proof of Concept Study

Malicious insiders continuously pose a great threat to organizations. With their knowledge about the organization, they could launch the attack more easily, resulting more devastating impacts compared to attackers from outside. Literature about the prevention and mitigation of malicious insider threat is limited and most of the extant research treat malicious insiders as a homogeneous group, classifying malicious insiders into categories without empirical testing. We argue that we could not effectively mitigate the malicious insider threats without a full understanding of the taxonomy of malicious insiders. The current study shows that malicious insiders differ in their personal dispositions, also, subtypes of malicious insiders are correlated with certain types of attacks. This research contributes in two closely related aspects: theoretically, findings in this research support the heterogeneity of subjects in malicious insider research; practically, results suggest organizations should employ various protocols to deal with different types of malicious insiders.