Organizational vulnerability to insider threat: what do Australian experts say?

Bedford, Justine and van der Laan, Lucas ORCID: https://orcid.org/0000-0003-2275-8974 (2016) Organizational vulnerability to insider threat: what do Australian experts say? In: 18th International Conference on Human-Computer Interaction (HCI 2016), 17-22 July 2016, Toronto, Canada.


Abstract

Approaches to the study of organisational vulnerabilities to intentional insider threat has been narrow in focus. Cyber security research has dominated other forms of insider threat research [1]. However, within the scope of cyber security, the effort is predominantly focused on external threats or technological mitigation strategies. Deeper understanding of organisational vulnerabilities influencing in-sider threat and responses to insider threats beyond technological security re-mains limited in Australia. Despite the increasing potential threat and impact of such risk to organisations, empirical studies remain rare. This paper presents an initial study related to identifying organisational vulnerabilities associated with in-tentional insider threat. A Delphi Method was employed as part of a broader mixed methods study. There was a strong consensus amongst Australian experts as to the primary organisational vulnerabilities to insider threat. These main risks extend across personnel, process, technological and strategic (resource allocation) domains. The organisational vulnerabilities identified by Australian experts is consistent with research, literature, and guidelines, available from other countries. The results confirm the need to look beyond the narrow focus on individuals and technology in order to fully address the insider threat problem. Whilst only pre-liminary results are presented here, future analysis of data will focus on identify-ing best practice solutions for the Australian market.


Statistics for USQ ePrint 29678
Statistics for this ePrint Item
Item Type: Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Refereed: Yes
Item Status: Live Archive
Additional Information: Permanent restricted access to Published version, in accordance with the copyright policy of the publisher.
Faculty/School / Institute/Centre: Historic - Faculty of Business, Education, Law and Arts - School of Linguistics, Adult and Specialist Education (1 Jul 2013 - 30 Jun 2019)
Faculty/School / Institute/Centre: Historic - Faculty of Business, Education, Law and Arts - School of Linguistics, Adult and Specialist Education (1 Jul 2013 - 30 Jun 2019)
Date Deposited: 15 Mar 2017 03:00
Last Modified: 27 Oct 2021 02:48
Uncontrolled Keywords: insider threat, organizational vulnerability, cyber threat, risk management, technological security
Fields of Research (2008): 15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150310 Organisation and Management Theory
Fields of Research (2020): 35 COMMERCE, MANAGEMENT, TOURISM AND SERVICES > 3507 Strategy, management and organisational behaviour > 350709 Organisation and management theory
35 COMMERCE, MANAGEMENT, TOURISM AND SERVICES > 3507 Strategy, management and organisational behaviour > 350717 Stakeholder engagement
Socio-Economic Objectives (2020): 15 ECONOMIC FRAMEWORK > 1503 Management and productivity > 150302 Management
Identification Number or DOI: https://doi.org/10.1007/978-3-319-40548-3_77
URI: http://eprints.usq.edu.au/id/eprint/29678

Actions (login required)

View Item Archive Repository Staff Only