A Review of the Insider Threat, a Practitioner Perspective Within the U.K. Financial Services

Findlay Whitelaw; Jackie Riley; Nebrase Elmrabit

doi:10.1109/ACCESS.2024.3373265

IEEE Access (Jan 2024)

A Review of the Insider Threat, a Practitioner Perspective Within the U.K. Financial Services

Findlay Whitelaw,
Jackie Riley,
Nebrase Elmrabit

Affiliations

Findlay Whitelaw: ORCiD; Glasgow School for Business and Society, Glasgow Caledonian University, Glasgow, U.K.
Jackie Riley: ORCiD; Department of Cyber Security and Networks, School of Computing, Engineering and Built Environment, Glasgow Caledonian University, Scotland, Glasgow, U.K.
Nebrase Elmrabit: ORCiD; Department of Cyber Security and Networks, School of Computing, Engineering and Built Environment, Glasgow Caledonian University, Scotland, Glasgow, U.K.

DOI: https://doi.org/10.1109/ACCESS.2024.3373265
Journal volume & issue: Vol. 12
pp. 34752 – 34768

Abstract

Read online

The insider threat within organisational cybersecurity continues to be of great concern globally. The current insider threat detection strategies are acknowledged as ineffective, evidenced by the increased reported events in high-profile insider threats and cyber data loss cases borne from insider and privilege misuse. The impact of insider incidents on Financial Service (FS) organisations is vast, operationally disruptive, and costly from a regulatory, financial, and reputational perspective. Many United Kingdom (UK) FS organisations have invested in insider risk programmes, but there is no sign of the insider threat diminishing. This paper will address the following research questions: 1) What factors influence employees to become malicious insider threats and apply this to employees working within the UK? 2) What preventative measures could be effectively operationalised within UK FS organisations to prevent malicious insider attacks? A literature review was conducted, reviewing 54 articles in peer-reviewed journals. Additional and relevant articles were incorporated to enrich the review, further substantiating the academic currency and context of the study. The review reveals five primary emerging insider threat themes, subsequently discussed and including behavioural indicators, information security behaviours, technical controls, insider threat strategies, and regulation. Throughout the literature review, one primary challenge highlighted the lack of articles published concerning the FS industry; however, the studies reviewed were relevant, appropriate, and applied across this review. Furthermore, the review also considers outcomes from a practitioner’s perspective, offering insights into the limitations of insider threat approaches and strategies and offering potential recommendations.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords