This article critically examines the insider threat in organizations in the context of electronic information exchanges. The current data loss threat model primarily focuses on the criminal outsider, often viewing the insider threat as ‘outsiders by proxy’. This perspective shapes the relationship between the worker and the workplace in information security policy. The article deconstructs ‘the insider’ into various risk profiles, including the well-meaning insider, and concludes with suggestions for the building blocks of information security policy around the insider.
The Impact of Workload on Phishing Susceptibility: An Experiment
Phishing is when social engineering is used to deceive a person into sharing sensitive information or downloading...