A Closer Look at Insider Threat Research
Abstract
Insider threats are a danger to organizations everywhere, and no organization is immune to the effects of an insider incident. Organizations suffer from individuals whose actions expose the organization to risk or harm in some way. This includes insiders who intentionally or unintentionally take actions that bring harm or significantly increase risk to the organization. Insider security breaches have been identified by organizations as a pressing problem with no simple solution. This paper presents a systematic literature review of published, scholarly articles on insider threat research from 2010 to 2020. The focus of this literature review is to survey the topics, methodologies, and theories of current insider threat research. The goal of this literature review is to provide an overview of the trends in insider threat research. Fifty-two studies were identified, and about half the papers dealt with identifying potential insiders through machine learning techniques. The most popular trend was the use of learning-based algorithms, such as neural networks and support vector machines, that classified a user as an insider versus a non-insider. Aside from the popular modeling approach, the other publications included in our review focused on human factors related to insider threat, and the common methodology for these papers was the use of surveys and questionnaires. Another trend identified in the literature was the use of behavioral patterns as an insider threat indicator. Lastly, researchers identified best practices for organizations to address insider threats. This literature review identified trends, best practices, and knowledge that can be used to further develop insider threat frameworks and methodologies. Furthermore, this literature review presents implications for researchers, including challenges, issues, and future research directions.
Keywords: insider threat, cybersecurity, human factors, unintentional insider, intentional insider
DOI: 10.54941/ahfe1002198


AHFE Open Access