VISTA : an inclusive insider threat taxonomy, with mitigation strategies

Renaud, Karen and Warkentin, Merrill and Pogrebna, Ganna and van der Schyff, Karl (2024) VISTA : an inclusive insider threat taxonomy, with mitigation strategies. Information & Management, 61 (1). 103877. ISSN 0378-7206 (https://doi.org/10.1016/j.im.2023.103877)

[thumbnail of Renaud-etal-IM-2023-VISTA-an-inclusive-insider-threat-taxonomy-with-mitigation-strategies]
Preview
 Text. Filename: Renaud-etal-IM-2023-VISTA-an-inclusive-insider-threat-taxonomy-with-mitigation-strategies.pdf
Final Published Version
License: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 logo
Download (5MB)| Preview

Abstract

Insiders have the potential to do a great deal of damage, given their legitimate access to organisational assets and the trust they enjoy. Organisations can only mitigate insider threats if they understand what the different kinds of insider threats are, and what tailored measures can be used to mitigate the threat posed by each of them. Here, we derive VISTA (inclusiVe InSider Threat tAxonomy) based on an extensive literature review and a survey with C-suite executives to ensure that the VISTA taxonomy is not only scientifically grounded, but also meets the needs of organisations and their executives. To this end, we map each VISTA category of insider threat to tailored mitigations that can be deployed to reduce the threat.

ORCID iDs

Renaud, Karen ORCID logoORCID: https://orcid.org/0000-0002-7187-6531, Warkentin, Merrill, Pogrebna, Ganna and van der Schyff, Karl;
CORE (COnnecting REpositories)