Abstract
Insider IT sabotage can be defined as the use of information technology to cause harm to an organization or an individual. Behavioral precursors are usually observable during the evolution of the threat. These precursors include personal predispositions such as rule and policy violations or mental health disorders, expressed disgruntlement due to unmet expectations or stressful events experienced by highly skilled employees with access to administrate systems, networks, and data in the organization. This research uses an agent-based modeling and simulation approach for modeling behavior precursors of insider IT sabotage within an organization using a risk scale. The specific behavioral precursors include the individual’s predisposition, disgruntlement, stress levels, technical skill levels and the level of access to the computer systems. The simulation provides a framework for exploring the emergence and development of insider IT sabotage within organizations for different turnover rates.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cappelli, D.M., Moore, A.P., Trzeciak, R.F.: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud). Addison-Wesle (2012)
Moore, A.P., Cappelli, D.M., Trzeciak, R.F.: The “big picture” of insider IT sabotage across US critical infrastructures. In: Insider Attack and Cyber Security, pp. 17–52. Springer, (2008)
Band, S.R., Cappelli, D.M., Fischer, L.F., Moore, A.P., Shaw, E.D., Trzeciak, R.F.: Comparing insider IT sabotage and espionage: a model-based analysis. DTIC Document (2006)
Colwill, C.: Human factors in information security: the insider threat–Who can you trust these days? Inf. Secur. Tech. Rep. 14(4), 186–196 (2009)
Crossler, R.E., Johnston, A.C., Lowry, P.B., Hu, Q., Warkentin, M., Baskerville, R.: Future directions for behavioral information security research. Comput. Secur. 32, 90–101 (2013)
Greitzer, F.L., Kangas, L.J., Noonan, C.F., Dalton, A.C., Hohimer, R.E.: Identifying at-risk employees: modeling psychosocial precursors of potential insider threats. In: 2012 45th Hawaii International Conference on System Science (HICSS), pp. 2392–2401. IEEE
Shaw, E.D., Fischer, L.F., Rose, A.E.: Insider risk evaluation and audit. DTIC Document (2009)
Greitzer, F.L., Kangas, L.J., Noonan, C.F., Dalton, A., Hohimer, R.: Identifying at-risk employees: a behavioral model for predicting potential insider threats. Pacific Northwest National Laboratory Richland, WA (2010)
Kandias, M., Mylonas, A., Virvilis, N., Theoharidou, M., Gritzalis, D.: An insider threat prediction model. In: International Conference on Trust, Privacy and Security in Digital Business, pp. 26–37. Springer (2010)
Epstein, J.M.: Agent_Zero: Toward Neurocognitive Foundations for Generative Social Science. Princeton University Press, Princeton (2014)
Sokolowski, J.A., Banks, C.M.: Agent implementation for modeling insider threat. In: 2015 Winter Simulation Conference (WSC), pp. 266–275. IEEE
Sokolowski, J.A., Banks, C.M., Dover, T.J.: An agent-based approach to modeling insider threat. Comput. Math. Organ. Theory 22(3), 273–287 (2016)
Bell, D.E., LaPadula, L.J.: Secure computer systems: mathematical foundations. DTIC Document (1973)
LaPadula, L.J., Bell, D.E.: MITRE technical report 2547, volume II. J. Comput. Secur. 4(2–3), 239–263 (1996)
LaPadula, L.J., Bell, D.E.: Secure computer systems: a mathematical model. Technical report 25471996
Huselid, M.A.: The impact of human resource management practices on turnover, productivity, and corporate financial performance. Acad. Manag. J. 38(3), 635–672 (1995)
Guthrie, J.P.: High-involvement work practices, turnover, and productivity: evidence from New Zealand. Acad. Manag. J. 44(1), 180–190 (2001)
Wilensky, U.: “Netlogo, 1999,” Center for Connected Learning and Computer-Based Modeling. Northwestern University, Evanston, IL (2010)
Rescorla, R.A., Wagner, A.R.: A theory of Pavlovian conditioning: variations in the effectiveness of reinforcement and nonreinforcement
Willison, R., Warkentin, M.: Motivations for employee computer crime: understanding and addressing workplace disgruntlement through the application of organisational justice. In: Proceedings of the IFIP TC8 International Workshop on Information Systems Security Research. International Federation for Information Processing, pp. 127–144 (2009)
Acknowledgements
This work is supported by the Office of the Assistant Secretary of Defense for Research and Engineering (OASD (R&E)) agreement FA8750-15-2-0120
Disclaimer
The views and conclusions contained in this paper are those of the authors and should not be interpreted as the as necessarily representing the official policies or endorsements the Office of the Assistant Secretary of Defense for Research and Engineering (OASD (R&E))
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Ardiles Cruz, E.G., Sokolowski, J.A., Kroecker, T., Shetty, S. (2019). Agent-Based Behavior Precursor Model of Insider IT Sabotage. In: Carmichael, T., Collins, A., Hadžikadić, M. (eds) Complex Adaptive Systems. Understanding Complex Systems. Springer, Cham. https://doi.org/10.1007/978-3-030-20309-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-20309-2_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-20307-8
Online ISBN: 978-3-030-20309-2
eBook Packages: EngineeringEngineering (R0)