Dissertations@Portsmouth - Details for item no. 13739

Bibliographic details and abstracts are available to all. Downloads of full-text dissertations are restricted to University of Portsmouth members, who must log in. MPhils may be accessed by all.

Stott, Matthew Brian (2021) Tackling the insider threat. (unpublished BSc dissertation), University of Portsmouth, Portsmouth

Abstract

As businesses and organisations become more aware of security implications and employ progressively more sophisticated physical and technical security measures, the ability to penetrate an organisation from the outside is becoming increasingly difficult. For those attempting to gain access illegitimately, the recruitment or use of an employee who already has access is now a more attractive and perhaps simpler option.
The purpose of this dissertation was to explore the perception and knowledge of people who work in the security industry regarding the characteristics, behaviours and motivations that are most relatable to an individual involved in insider acts, and which mitigation measures are perceived to be the most useful in countering the threat.
A survey was conducted to investigate security professionals’ perception of what characteristics, behaviours and motivations are displayed most by insiders and the best ways to mitigate the threat. The participants were initially recruited through convenience sampling of friends and work colleagues and then through snowball sampling, in which participants who completed the survey were asked to share it with like-minded people, culminating in 133 participants. The survey was created using JISC online surveys and distributed through email and social media platforms such as WhatsApp and LinkedIn. The results were analysed and quantitative and qualitative data were identified.
The research found that the most frequent type of insider incident is the unauthorised disclosure of sensitive information. Insider acts are usually carried out by men between 25 and 44. Permanent staff working in an operations and production role are most likely to be involved in an incident, with the main motivation being financial gain. An insider can lack morals and integrity, be manipulative, emotionally unstable with low self-esteem and prone to fantasising. An exploitable or vulnerable lifestyle is perceived to be involved as well as an exploitable or vulnerable work profile. In work, an individual is likely to commit security violations, engage in unusual IT activity and work unusual hours. There is a plethora of factors that can contribute to enabling an insider act to take place: poor security culture, poor management, poor pre-employment checks and a lack of protective security controls can all enable an insider to act. Defence in depth helps with mitigating the threat. These measures can range from security education awareness training, enforcing the ‘need to know’ principle and managing who has access to sensitive information and assets, to pre-employment checks, post-employment access management, strict password and account management policies, and the monitoring and auditing of employee IT activity to highlight unusual behaviours.

Course: Risk and Security Management - BSc (Hons) - C1565

Date Deposited: 2021-11-05

URI/permalink: https://library.port.ac.uk/dissert/dis13739.html