Organizational vulnerability to insider threat: what do Australian experts say?

Bedford, Justine and van der Laan, Lucas (2016) Organizational vulnerability to insider threat: what do Australian experts say? In: 18th International Conference on Human-Computer Interaction (HCI 2016), 17-22 July 2016, Toronto, Canada.

Abstract

Approaches to the study of organisational vulnerabilities to intentional insider threat has been narrow in focus. Cyber security research has dominated other forms of insider threat research [1]. However, within the scope of cyber security, the effort is predominantly focused on external threats or technological mitigation strategies. Deeper understanding of organisational vulnerabilities influencing in-sider threat and responses to insider threats beyond technological security re-mains limited in Australia. Despite the increasing potential threat and impact of such risk to organisations, empirical studies remain rare. This paper presents an initial study related to identifying organisational vulnerabilities associated with in-tentional insider threat. A Delphi Method was employed as part of a broader mixed methods study. There was a strong consensus amongst Australian experts as to the primary organisational vulnerabilities to insider threat. These main risks extend across personnel, process, technological and strategic (resource allocation) domains. The organisational vulnerabilities identified by Australian experts is consistent with research, literature, and guidelines, available from other countries. The results confirm the need to look beyond the narrow focus on individuals and technology in order to fully address the insider threat problem. Whilst only pre-liminary results are presented here, future analysis of data will focus on identify-ing best practice solutions for the Australian market.


Statistics for USQ ePrint 29678
Statistics for this ePrint Item
Item Type: Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Refereed: Yes
Item Status: Live Archive
Additional Information: Permanent restricted access to Published version, in accordance with the copyright policy of the publisher.
Faculty / Department / School: Current - Faculty of Business, Education, Law and Arts - School of Linguistics, Adult and Specialist Education
Date Deposited: 15 Mar 2017 03:00
Last Modified: 30 May 2017 00:19
Uncontrolled Keywords: insider threat, organizational vulnerability, cyber threat, risk management, technological security
Fields of Research : 15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150310 Organisation and Management Theory
Identification Number or DOI: 10.1007/978-3-319-40548-3_77
URI: http://eprints.usq.edu.au/id/eprint/29678

Actions (login required)

View Item Archive Repository Staff Only