Publication:
DO INNOVATIVE THINKERS POSE AN INCREASED INSIDER THREAT?: A PRELIMINARY ANALYSIS

Loading...
Thumbnail Image
Authors
Humphrey, Adam
Subjects
insider threat
innovation
innovator
cyber security
cyber
data breach
spy
witting insider
unwitting insider
information technology
security
malicious insiders
non-malicious insiders
governance
risk management
compliance
intentional acts
unintentional acts
unintentional insider threat
UIT
personality
trait affect
psychological factors
human factors
cyber security
organizational security
Advisors
Scott, Gerald R.
Date of Issue
2019-06
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
The malicious insider threat is one of the most nefarious of potential cyber security breaches. There have been egregious insider data thefts in the last 10 years within the government. The Unintentional Insider Threat (UIT)—the individual who is incompetent or careless and accidentally divulges sensitive information—is also a major concern. Today, the Department of Defense (DoD) expends considerable effort to identify both forms of insider threats. Meanwhile, the DoD hopes to recruit innovative information technology personnel to better meet current and emerging cyber threats to national security. Although in its infancy, organizations like the Defense Innovation Unit represent this focused effort. This thesis investigates whether innovative personnel will pose increased insider threat potential. Our preliminary conclusion is that innovative people would not pose more of a malicious insider threat, but the UIT and innovator share one trait together: risk taking. Furthermore, mental health issues and disgruntlement are two traits shared by UIT and malicious insiders. The DoD should explore screening personnel for risk-taking traits, for example with the Balloon Analogue Risk Task (BART). Finally, the DoD should continue to be alert to mental health issues, and first line supervisors should intervene quickly to help disgruntled employees.
Type
Thesis
Description
Series/Report No
Department
Information Sciences (IS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Collections