A canonical analysis of intentional information security breaches by insiders

Shropshire, Jordan

doi:10.1108/09685220910993962

Cited by 22 publications

(13 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Of some significance, however, is the fact that phenomena which exist temporally prior to deterrence have rarely been addressed by IS security researchers. Indeed, only two papers by Straub (1990) and Shropshire (2009) have considered such phenomena by examining the issue of motive.…”

Section: Computer Abuse Timelinementioning

confidence: 99%

“…Such violations, although significant, are often dwarfed by a major insider abuse event in terms of their cost to the enterprise. Admittedly, there exists research which has focussed on the insider threat in terms of their motivation (Shropshire 2009;Straub 1990), deterrence (D'Arcy et al 2009;Harrington 1996;Hoffer and Straub 1989;Straub 1990;Straub et al 1992;Straub and Welke 1998), intention to offend (Foltz 2000;Lee and Lee 2002;Lee et al 2004;Workman and Gathegi 2007), and prevention (Willison 2002(Willison , 2006Willison and Backhouse 2006;Willison and Siponen 2009). However, this body of work is relatively modest when compared with the compliance literature, and warrants further consideration (Mahmood et al 2010;Warkentin and Willison 2009).…”

Section: Introduction: Is Security Threatsmentioning

confidence: 99%

See 1 more Smart Citation

Beyond Deterrence: An Expanded View of Employee Computer Abuse

Willison

Warkentin

2013

MISQ

350

268

View full text Add to dashboard Cite

Whether motivated by greed, disgruntlement, or other psychological processes, this act has the greatest potential for loss and damage to the employer. We argue the focus must include not only the act and its immediate antecedents of intention (to commit computer abuse) and deterrence (of the crime), but also phenomena which temporally precede these areas. Specifically, we assert the need to consider the thought processes of the potential offender and how these are influenced by the organizational context, prior to deterrence. We believe the interplay between thought processes and this context may significantly impact the efficacy of IS security controls, specifically deterrence safeguards. Through this focus, we extend the Straub and Welke (1998) security action cycle framework and propose three areas worthy of empirical investigation-techniques of neutralization (rationalization), expressive/instrumental criminal motivations, and disgruntlement as a result of perceptions of organizational injustice-and propose questions for future research in these areas.

show abstract

Section: Computer Abuse Timelinementioning

confidence: 99%

Section: Introduction: Is Security Threatsmentioning

confidence: 99%

Beyond Deterrence: An Expanded View of Employee Computer Abuse

Willison

Warkentin

2013

MISQ

350

268

View full text Add to dashboard Cite

show abstract

“…Retaliatory behaviors may include but are not limited to calling in sick when not ill, gossiping about one's boss or coworkers, wasting company materials, damaging equipment or work processes. Shropshire (2009) recently conducted a canonical analysis of sixty-two intentional security breaches by insiders. His study indicated a positive correlation between four general variables and predictions of insider threat, each of which is observable by conscientious managers and/or supervisors.…”

Section: Relevant Researchmentioning

confidence: 99%

Identifying at-risk employees: A behavioral model for predicting potential insider threats

Greitzer¹,

Kangas²,

Noonan³

et al. 2010

View full text Add to dashboard Cite

SummaryA model was developed to assess employees' behavioral manifestations of a number of psychological and personality predispositions that are hypothesized to indicate an increased risk of insider abuse. This psychosocial model is based on case studies and research literature on factors and correlates associated with behavioral precursors of individuals committing insider crimes. In many of these crimes, managers and other coworkers observed that the offenders had exhibited signs of stress, disgruntlement, or other issues, but no alarms were raised. Barriers to using such psychosocial indicators include the inability to recognize the signs and the failure to record the behaviors so that they can be assessed.The model has been implemented as a Bayesian belief network, designed with the help of human resources staff experienced in evaluating workplace behaviors. We conducted an experiment to assess the agreement of the model's risk assessment output with judgments of human resources and management professionals on the relative insider threat risks of a collection of sample scenarios. The model exhibited strong agreement with judgments of the human experts, suggesting that it has potential as a tool to raise an alarm about employees who pose higher insider threat risks. While additional testing is needed, we suggest that combining this type of analysis with more traditional cyber/workstation monitoring tools can ease the processing burden and improve performance of computer-assisted insider threat monitoring and detection.v

show abstract

“…Typically, technical measures can assure to some extent the security against outside attacks by, e.g., general cryptographic protocols [1] and tailor-made protocols for particular application, e.g., for privacy in medicine [2], [3]. Operational security [4], [5] on the one hand and threats by insiders [6], [7] on the other hand remain the main source of concern.…”

Section: Introductionmentioning

confidence: 99%

“…Previous work on insider threats focused on identification [8]–[11], behavioral effects [6], [12], [13], particular areas of threat mitigation [14], or interfering with malicious behavior [15].…”

Section: Introductionmentioning

confidence: 99%

Resilience to Leaking — Dynamic Systems Modeling of Information Security

Hamacher

2012

PLoS ONE

View full text Add to dashboard Cite

Leaking of confidential material is a major threat to information security within organizations and to society as a whole. This insight has gained traction in the political realm since the activities of Wikileaks, which hopes to attack ‘unjust’ systems or ‘conspiracies’. Eventually, such threats to information security rely on a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for ‘just’ and ‘unjust’ entities. Such biological metaphors are almost exclusively based on the economic advantage of participants. Here, I introduce a mathematical model of the complex dynamics implied by leaking. The complex interactions of adversaries are modeled by coupled logistic equations including network effects of econo-communication networks. The modeling shows, that there might arise situations where the leaking envisioned and encouraged by Wikileaks and the like can strengthen the defending entity (the ‘conspiracy’). In particular, the only severe impact leaking can have on an organization seems to originate in the exploitation of leaks by another entity the organization competes with. Therefore, the model suggests that leaks can be used as a `tactical mean’ in direct adversary relations, but do not necessarily increase public benefit and societal immunization to ‘conspiracies’. Furthermore, within the model the exploitation of the (open) competition between entities seems to be a more promising approach to control malicious organizations : divide-et-impera policies triumph here.

show abstract

A canonical analysis of intentional information security breaches by insiders

Cited by 22 publications

References 32 publications

Beyond Deterrence: An Expanded View of Employee Computer Abuse

Beyond Deterrence: An Expanded View of Employee Computer Abuse

Identifying at-risk employees: A behavioral model for predicting potential insider threats

Resilience to Leaking — Dynamic Systems Modeling of Information Security

Contact Info

Product

Resources

About