Abstract
The ubiquitous digitization of information and the pervasive connectivity of work systems have inevitably facilitated cyber-enabled industrial espionage. Security failures explain most of cyber industrial espionage incidents, and insider threats represent a significant pattern in many case examples. Insiders can inadvertently or purposefully pose serious threats to organisations by facilitating access to or misuse of proprietary sensitive data. This paper argues that technical security solutions have rather limited scope to tackle this problem, and that a socio-technical approach has potential to provide a better means to address the challenge of preventing and responding to insider threats. Such an approach could bridge the gap between the design and implementation of security solutions and creation of an organisational culture that is security-aware.
| Original language | English |
|---|---|
| Pages (from-to) | 27-42 |
| Number of pages | 16 |
| Journal | Security Journal |
| Volume | 33 |
| Issue number | 1 |
| Early online date | 2019 Sept 13 |
| DOIs | |
| Publication status | Published - 2020 Mar |
Subject classification (UKÄ)
- Information Systems, Social aspects (including Human Aspects of ICT)