Insider Threats

Int Trans Operational Res

2021

When interacting with computers or digital artifacts, individuals tend to replicate interpersonal trust and distrust mechanisms to calibrate their trust. Such mechanisms involve cognitive processes that individuals rely on before making a decision to trust or distrust. With the worldwide increase in email traffic, both the academic literature and professionals warn of insider threats, that is, coming from inside an organization, in particular those created by legitimate users who have decided to trust a phishing email. This article offers a cognitive approach to the decision whether to trust a phishing email. After reviewing the literature on decision making concerning a cognitive perspective, interpretation, trust, distrust, online deception, and insider threats, we present a study conducted on 249 participants designed to ascertain how they interpreted phishing emails and decided whether or not to trust them. We noted that certain elements eliciting trust or distrust remained invariable regardless of the participant. We show examples of phishing emails designed to maximize (or minimize) the decision to trust (or distrust), and lastly consider the limitations and ethical questions raised by this research.

Section: Background Theory and Assumptionsmentioning

confidence: 99%

Section: Unintentional Insider Threats: When Countermeasures Show a L...mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A cognitive approach to the decision to trust or distrust phishing emails

Int Trans Operational Res

2021

“…Authors such as [66] represent a part of the literature on information systems security that tends to pay attention to insider threats, more particularly those whose perpetrators are humans with the intention to cause harm (upper right branch in Figure 2). For authors such as [5], insider threats may be categorized along two dimensions: (1) whether the character of the threat is intentional or not, and (2) whether its character is malicious or not. From the point of view of the employee, who may constitute the entry point into the system, an insider threat can be: The study presented in this article focuses on the manipulation and social engineering techniques that exploit unintentional insider threats (category 1 above).…”

Section: On Insider Threatsmentioning

confidence: 99%

“…Nevertheless, the academic literature as well as industrial professionals consider that a predominant threat is neither technical nor external, but human and inside the organization [54,29,64,66]. Such an insider threat may be intentional or non intentional, malicious or non malicious [35,65,5].…”

Section: Introductionmentioning

confidence: 99%

To Click or Not to Click? Deciding to Trust or Distrust Phishing Emails

Decision Support Systems X: Cognitive Decision Support Systems and Technologies

2020

Self Cite

While the email traffic is growing around the world, such questions often arise to recipients: to click or not to click? Should I trust or should I distrust? When interacting with computers or digital artefacts, individuals try to replicate interpersonal trust and distrust mechanisms in order to calibrate their trust. Such mechanisms rely on the ways individuals interpret and understand information. Technical information systems security solutions may reduce external and technical threats; yet the academic literature as well as industrial professionals warn on the risks associated with insider threats, those coming from inside the organization and induced by legitimate users. This article focuses on phishing emails as an unintentional insider threat. After a literature review on interpretation and knowledge management, insider threats and security, trust and distrust, we present a methodology and experimental protocol used to conduct a study with 250 participants and understand the ways they interpret, decide to trust or to distrust phishing emails. In this article, we discuss the preliminary results of this study and outline future works and directions.

Trusting Security When Sharing Knowledge?

Contributions to Management Science

Rajaonah

Oliveira

2020

Self Cite

This chapter tackles knowledge sharing by focusing on security and trust issues. Although trust is recognized as important in security issues, few studies on information systems (ISs) deal with both trust and security. Knowledge sharing relies on sense-giving and sense-reading processes which require, encourage, and even create trust within individuals. We argue that individuals are processors of information; they interpret information to create their own tacit knowledge. Recent security reports from organizations have presented that the majority of ISs security threats involve employees within the organizations. Individuals, as well as computers, may be attacked through social engineering techniques in order to gain their trust. Despite this evidence, most of work has focused on the control of outsider security threats rather than of insider security threats, particularly when humans are perpetrators. In this chapter, we propose to study insider threats with the factor of trust during knowledge sharing processes. Through their trust-related attitudes and behaviors, knowledge sharers may induce insider threats for security. The proposition is twofold: (1) using interviews and self-report questionnaires to collect information about trust, and (2) defining ontologies to categorize such information about trust. The proposition is then discussed at the end of this chapter, notably in terms of problems and answers leading to study trust in security when sharing knowledge.