Exploring insider threats using organisational performance framework in Malaysian manufacturing case
The threats that insiders pose to businesses, institutions, and governmental organisations continue to be of serious concern. Recent industry surveys and academic literature provide unequivocal evidence to support the significance of this threat and its prevalence. Mitigating insider threats is a ch...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English English |
| Published: |
2024
|
| Online Access: | http://eprints.utem.edu.my/id/eprint/28380/1/Exploring%20insider%20threats%20using%20organisational%20performance%20framework%20in%20Malaysian%20manufacturing%20case.pdf http://eprints.utem.edu.my/id/eprint/28380/2/Exploring%20insider%20threats%20using%20organisational%20performance%20framework%20in%20Malaysian%20manufacturing%20case.pdf http://eprints.utem.edu.my/id/eprint/28380/ https://plh.utem.edu.my/cgi-bin/koha/opac-detail.pl?biblionumber=124295 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The threats that insiders pose to businesses, institutions, and governmental organisations continue to be of serious concern. Recent industry surveys and academic literature provide unequivocal evidence to support the significance of this threat and its prevalence. Mitigating insider threats is a challenging task, which may have been the biggest problem for most organisations without them realising it. Henceforth, this study gauged the employees’ agreement level toward the recommended practices to mitigate insider threats by understanding the characteristics of potential insider threats and their impact on organisational performance. The recommended practices were derived from the Common-Sense Guide to Understanding the Characteristics of Insider Threats guide produced by CMU-CERT – Carnegie Melon University, Computer Emergency Response Team. It offers an effective, possible approach from identifying to understanding cerinsider threats and a framework for characterising the attacks. Inspired from the guide, this study suggests the Characterising Insider Threat as the on-going and cyclic processes to deter and detect potential employees bound to become fraudsters or perpetrators in violating the access and trust given by the employer that will impact organisational performance. Validation of the proposed framework was conducted through a triangualtion method, combining distributed questionnaires to respondents and surveys with in-depth interviews and small-group discussions involving three expert panels from Malaysia's manufacturing industry. This triangulation method, augmented by a semi-qualitative approach, facilitated a nuanced exploration of employees' perceptions and experiences regarding insider threats and the effectiveness of recommended mitigation practices. Analysis of data collected from 352 respondents underscored the importance of recognising and addressing six critical factors—Psychological State, Personality Characteristics, Historical Behavior, Motivation to Attack, Skill Set and Opportunity, and the role of Precipitating Events—as essential components of an effective insider threat mitigation strategy. The findings suggest that organisational efforts to identify and suppress these factors can play a pivotal role in mitigating the risk of insider threats and safeguarding organisational reputation and performance. In conclusion, this study offers valuable insights into the acceptance of recommended practices for mitigating insider threats and highlights the importance of organisational vigilance and resilience. By leveraging the proposed framework and insights from industry experts, organizations can enhance their capacity to identify, deter, and respond to insider threats effectively, thereby fostering a culture of trust and accountability conduconducive to sustained success. |
|---|