D.S. Wall
Enemies Within: Redefining the insider threat in organizational security policy
Wall, D.S.
Authors
Abstract
The critical importance of electronic information exchanges in the daily operation of most large modern organizations is causing them to broaden their security provision to include the custodians of exchanged data – the insiders. The prevailing data loss threat model mainly focuses upon the criminal outsider and mainly regards the insider threat as ‘outsiders by proxy’, thus shaping the relationship between the worker and workplace in information security policy. A policy that increasingly takes the form of social policy for the information age as it acquires the power to include and exclude sections of society and potentially to re-stratify it? This article draws upon empirical sources to critically explore the insider threat in organizations. It looks at the prevailing threat model before deconstructing ‘the insider’ into various risk profiles, including the well-meaning insider, before drawing conclusions about what the building blocks of information security policy around the insider might be.
Citation
Wall, D. (2013). Enemies Within: Redefining the insider threat in organizational security policy. Security Journal, 26(2), 107-124. https://doi.org/10.1057/sj.2012.1
| Journal Article Type | Article |
|---|---|
| Publication Date | Apr 1, 2013 |
| Deposit Date | Mar 5, 2012 |
| Publicly Available Date | Nov 19, 2014 |
| Journal | Security Journal |
| Print ISSN | 0955-1662 |
| Electronic ISSN | 1743-4645 |
| Publisher | Palgrave Macmillan |
| Peer Reviewed | Peer Reviewed |
| Volume | 26 |
| Issue | 2 |
| Pages | 107-124 |
| DOI | https://doi.org/10.1057/sj.2012.1 |
| Keywords | Information security, Security policy, Cybercrime, Organizations, Insider threat. |
Files
Accepted Journal Article
(748 Kb)
PDF
Copyright Statement
This is a post-peer-review pre-copyedit version of an article published in Security Journal. The definitive publisher-authenticated version Wall, D.S. (2013) 'Enemies within : redefining the insider threat in organizational security policy.', Security journal., 26 (2). pp. 107-124 is available online at: http://dx.doi.org/10.1057/sj.2012.1.
You might also like
Policing Identity Crimes
(2013)
Journal Article
Micro-Frauds: Virtual Robberies, Stings and Scams in the Information Age.
(2011)
Book Chapter
Jailhouse Frocks: Locating the public interest in policing counterfeit luxury fashion goods.
(2010)
Journal Article
Downloadable Citations
About Durham Research Online (DRO)
Administrator e-mail: dro.admin@durham.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search