Understanding the Perspectives of Information Security Managers on
Insider Threat
Abstract
Insider threat is one of the main issues faced by organizations as
information systems become inherent to the success and competitiveness
of businesses in contemporary environments. However, there is
insufficient understanding of the phenomenon of insider threat by
information security managers responsible for ensuring the availability,
confidentiality, and integrity of data and information systems.
Therefore, it is crucial to address issues related to insider threat.
This phenomenological qualitative research focused on the lived
experiences of information security managers: their perceptions, their
understanding, and how they employ mechanisms to reduce cyber-crimes
perpetrated in U.S. East Coast organizations. The research questions
examined how information technology (IT) managers experienced and
understood insider threats and how their experiences and understanding
shaped their behavior to curb insider threat. Social control theory
was useful for explaining why individuals
with legitimate access could decide to exploit vulnerabilities in the
critical assets of businesses. Twelve participants, all IT security
managers selected through purposive sampling for semi-structured
one-to-one interviews, took part in the study. Findings from the study
indicated that malicious insider threats pose a growing risk to
organizations, and that inadvertent insider threats were more common but
less damaging than malicious insider threats. Further, insider threats were
associated with disgruntled employees who committed sabotage or theft to
meet financial needs and to take revenge. Experience and understanding of
insider threats influenced IT managers to advocate for the
implementation of training to raise awareness of security policies to
deter insider threats. Based on the findings, IT security managers
should use technical and administrative approaches to prevent, detect,
and monitor systems to control insider threats.