The various types of insider threats likely result from different motivations and intentions and involve distinct stakeholders. Thus, a “one size fits all” approach may not be effective for the mitigation of all types of insider threats. In this paper, we take one segment of insiders: the non-malicious, privileged IT users, specifically the IT professionals given “superuser” access. Our goal is to develop a collaborative, multi-disciplinary approach to detect and deter such security threats. We first review the IS Threat Vector Taxonomy where the focus is centered on different types of insider threat. We then take a closer look at non-malicious, privileged IT users and the reasons for noncompliance behavior. Finally, we develop a potential interdepartmental strategy to detect and deter these insider threats.
Liu, Xiang and Murphy, Diane, "They Are Not All Enemies: Detecting and Deterring Non-Malicious, Privileged IT User Threat Using an interdepartmental Approach" (2015). SAIS 2015 Proceedings. 14.