An Empirical Comparison of Malicious Insiders and Benign Insiders

IF 2.5 4区管理学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Computer Information Systems Pub Date : 2023-09-11 DOI:10.1080/08874417.2023.2251427

Nan Liang, David P. Biros, Andy Luse

引用次数: 0

Abstract

Malicious insiders continue to pose a significant threat to organizations. With their knowledge, privilege, and access to organizational resources, malicious insiders can attack the organization easier than outsiders, bypassing security measures. Current research about malicious insiders’ traits is often based on a limited number of cases and lacking empirical validation. With few exceptions, most research focuses on the effects of individual traits without investigation of their interactions. To identify the effects of these traits and their interactions, this study employs text mining to analyze 133 real-world malicious insider cases by comparing how the media portray malicious insiders to how the media portray benign insiders. This study sheds light on the predictive power of common traits of malicious insiders. Also, the interaction effects of some traits indicate that although they are not significant at the unary level, their co-occurrence differentiates malicious insiders with benign insiders as portrayed in the media.

查看原文本刊更多论文

恶意内部人员与良性内部人员的实证比较

恶意的内部人员继续对组织构成重大威胁。凭借他们的知识、特权和对组织资源的访问，恶意的内部人员可以比外部人员更容易地攻击组织，绕过安全措施。目前关于恶意内部人员特征的研究往往基于有限的案例，缺乏经验验证。除了少数例外，大多数研究都集中在个体特征的影响上，而没有调查它们之间的相互作用。为了确定这些特征及其相互作用的影响，本研究通过比较媒体如何描绘恶意内部人士和媒体如何描绘良性内部人士，采用文本挖掘来分析133个真实世界的恶意内部人士案例。这项研究揭示了恶意内部人员的共同特征的预测能力。此外，一些特征的相互作用效应表明，尽管它们在一元水平上并不显著，但它们的共存区分了媒体所描绘的恶意内部人员和良性内部人员。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Computer Information Systems COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

6.80

自引率

7.10%

发文量

审稿时长

>12 weeks

期刊介绍： The Journal of Computer Information Systems (JCIS) aims to publish manuscripts that explore information systems and technology research and thus develop computer information systems globally. We encourage manuscripts that cover the following topic areas: -Analytics, Business Intelligence, Decision Support Systems in Computer Information Systems - Mobile Technology, Mobile Applications - Human-Computer Interaction - Information and/or Technology Management, Organizational Behavior & Culture - Data Management, Data Mining, Database Design and Development - E-Commerce Technology and Issues in computer information systems - Computer systems enterprise architecture, enterprise resource planning - Ethical and Legal Issues of IT - Health Informatics - Information Assurance and Security--Cyber Security, Cyber Forensics - IT Project Management - Knowledge Management in computer information systems - Networks and/or Telecommunications - Systems Analysis, Design, and/or Implementation - Web Programming and Development - Curriculum Issues, Instructional Issues, Capstone Courses, Specialized Curriculum Accreditation - E-Learning Technologies, Analytics, Future