{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T18:42:41Z","timestamp":1775068961254,"version":"3.50.1"},"publisher-location":"Cham","reference-count":97,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031893629","type":"print"},{"value":"9783031893636","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-89363-6_11","type":"book-chapter","created":{"date-parts":[[2025,5,24]],"date-time":"2025-05-24T07:47:43Z","timestamp":1748072863000},"page":"186-211","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["What Do We Know About the\u00a0Psychology of\u00a0Insider Threats?"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5147-3084","authenticated-orcid":false,"given":"Jukka","family":"Ruohonen","sequence":"first","affiliation":[]},{"given":"Mubashrah","family":"Saddiqa","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,5,25]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"Ahmad, M.B., Saeed-ur-Rehman, Akram, A., Asif, M.: Towards a realistic risk assessment methodology for insider threats of information misuse. In: Proceedings of the 12th International Conference on Frontiers of Information Technology, pp. 176\u2013181. IEEE, Islamabad (2014)","DOI":"10.1109\/FIT.2014.41"},{"key":"11_CR2","doi-asserted-by":"crossref","unstructured":"Al tabash, K., Happa. J.: Insider-threat detection using gaussian mixture models and sensitivity profiles. Comput. Secur. 77, 838\u2013859 (2018)","DOI":"10.1016\/j.cose.2018.03.006"},{"key":"11_CR3","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/s10588-021-09341-0","volume":"28","author":"E Alhajjar","year":"2022","unstructured":"Alhajjar, E., Bradley, T.: Survival Analysis for Insider Threat. Comput. Math. Organ. Theory 28, 335\u2013351 (2022)","journal-title":"Comput. Math. Organ. Theory"},{"key":"11_CR4","doi-asserted-by":"publisher","first-page":"108965","DOI":"10.1109\/ACCESS.2022.3213645","volume":"10","author":"M Alohaly","year":"2022","unstructured":"Alohaly, M., Balogun, O., Takabi, D.: Integrating cyber deception into attribute-based access control (ABAC) for insider threat detection. IEEE Access 10, 108965\u2013108978 (2022)","journal-title":"IEEE Access"},{"key":"11_CR5","doi-asserted-by":"publisher","first-page":"364","DOI":"10.1057\/ejis.2015.21","volume":"25","author":"BB Anderson","year":"2016","unstructured":"Anderson, B.B., Vance, A., Kirwan, C.B., Eargle, D., Jenkins, J.L.: How users perceive and respond to security messages: a NeuroIS research agenda and empirical study. Eur. J. Inf. Syst. 25, 364\u2013390 (2016)","journal-title":"Eur. J. Inf. Syst."},{"key":"11_CR6","unstructured":"Axelrad, E.T., Sticha, P.J., Brdiczka, O., Shen, J.: A Bayesian network model for predicting insider threats. In: Proceedings of the IEEE Security and Privacy Workshops. pp. 82\u201389. IEEE, San Francisco (2023)"},{"issue":"2","key":"11_CR7","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1109\/TCSS.2014.2377811","volume":"1","author":"A Azaria","year":"2014","unstructured":"Azaria, A., Richardson, A., Kraus, S., Subrahmanian, V.S.: Behavioral analysis of insider threat: a survey and bootstrapped prediction in imbalanced data. IEEE Trans. Comput. Soc. Syst. 1(2), 135\u2013155 (2014)","journal-title":"IEEE Trans. Comput. Soc. Syst."},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Basu, S., et al.: Towards a data-driven behavioral approach to prediction of insider-threat. In: Proceedings of the IEEE International Conference on Big Data (Big Data), pp. 4994\u20135001. IEEE, Seattle (2018)","DOI":"10.1109\/BigData.2018.8622529"},{"key":"11_CR9","doi-asserted-by":"publisher","first-page":"776","DOI":"10.1057\/s41284-020-00260-4","volume":"34","author":"CA Binns","year":"2021","unstructured":"Binns, C.A., Kempf, R.J.: Background checks: the theories behind the process. Secur. J. 34, 776\u2013801 (2021)","journal-title":"Secur. J."},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Bishop, M., Gates, C., Frincke, D., Greitzer, F.L.: AZALIA: an A to Z assessment of the likelihood of insider attack. In: Proceedings of the IEEE Conference on Technologies for Homeland Security, pp. 385\u2013392. IEEE, Waltham (2009)","DOI":"10.1109\/THS.2009.5168063"},{"issue":"2","key":"11_CR11","doi-asserted-by":"publisher","first-page":"159","DOI":"10.2307\/2183991","volume":"81","author":"NJ Block","year":"1972","unstructured":"Block, N.J., Fodor, J.A.: What psychological states are not. Philos. Rev. 81(2), 159\u2013181 (1972)","journal-title":"Philos. Rev."},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"Brdiczka, O., et al.: Proactive insider threat detection through graph learning and psychological context. In: Proceedings of the IEEE Symposium on Security and Privacy Workshops, pp. 142\u2013149. IEEE, San Francisco (2012)","DOI":"10.1109\/SPW.2012.29"},{"key":"11_CR13","doi-asserted-by":"crossref","unstructured":"Brown, C.R., Watkins, A., Greitzer, F.L.: Predicting insider threat risks through linguistic analysis of electronic communication. In: Proceedings of the 46th Hawaii International Conference on System Sciences, pp. 1849\u20131858. IEEE, Wailea (2013)","DOI":"10.1109\/HICSS.2013.453"},{"key":"11_CR14","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s10207-013-0206-9","volume":"13","author":"TE Carroll","year":"2014","unstructured":"Carroll, T.E., Greitzer, F.L., Roberts, A.D.: Security informatics research challenges for mitigating cyber friendly fire. Secur. Inform. 13, 1\u201314 (2014)","journal-title":"Secur. Inform."},{"key":"11_CR15","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4020-6872-0","volume-title":"Moral Psychology Today: Essays on Values, Rational Choice, and the Will","author":"DK Chan","year":"2008","unstructured":"Chan, D.K.: Introduction: moral psychology today. In: Chan, D.K. (ed.) Moral Psychology Today: Essays on Values, Rational Choice, and the Will. Springer, Cham (2008)"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Chi, H., Scarllet, C., Prodanoff, Z.G., Hubbard, D.: Determining predisposition to insider threat activities by using text analysis. In: Proceedings of the Future Technologies Conference (FTC), pp. 985\u2013990. IEEE, San Francisco (2016)","DOI":"10.1109\/FTC.2016.7821723"},{"key":"11_CR17","doi-asserted-by":"crossref","unstructured":"Choi, S., Zage, D.: Addressing insider threat using \u201cWhere You Are\u201d as fourth factor authentication. In: Proceedings IEEE International Carnahan Conference on Security Technology (ICCST), pp. 147\u2013153. IEEE, Newton (2012)","DOI":"10.1109\/CCST.2012.6393550"},{"key":"11_CR18","unstructured":"CISA: Zero Trust Maturity Model (2023). Cybersecurity & Infrastructure Security Agency (CISA) of the United States (2024). https:\/\/www.cisa.gov\/sites\/default\/files\/2023-04\/zero_trust_maturity_model_v2_508.pdf"},{"key":"11_CR19","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10869-021-09732-9","volume":"37","author":"RS Dalal","year":"2022","unstructured":"Dalal, R.S., Howard, D.J., Brummel, B.J.: Organizational science and cybersecurity: abundant opportunities for research at the interface. J. Bus. Psychol. 37, 1\u201329 (2022)","journal-title":"J. Bus. Psychol."},{"key":"11_CR20","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/s10551-008-9909-7","volume":"89","author":"J D\u2019Arcy","year":"2009","unstructured":"D\u2019Arcy, J., Hovav, A.: Does one size fit all? Examining the differential effects of IS security countermeasures. J. Bus. Ethics 89, 59\u201371 (2009)","journal-title":"J. Bus. Ethics"},{"key":"11_CR21","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/s10611-023-10108-8","volume":"81","author":"B Dong","year":"2024","unstructured":"Dong, B., Chernov, S., Akpina, K.O.: Legal aspects of corporate systems for preventing cybercrime among personnel. Crime Law Soc. Chang. 81, 75\u201396 (2024)","journal-title":"Crime Law Soc. Chang."},{"key":"11_CR22","doi-asserted-by":"publisher","first-page":"103779","DOI":"10.1016\/j.cose.2024.103779","volume":"140","author":"S Duan","year":"2024","unstructured":"Duan, S., Yuan, J., Wang, B.: Contextual feature representation for image-based insider threat classification. Comput. Secur. 140, 103779 (2024)","journal-title":"Comput. Secur."},{"key":"11_CR23","doi-asserted-by":"crossref","unstructured":"Dupuis, M., Khadeer, S.: Curiosity killed the organization: a psychological comparison between malicious and non-malicious insiders and the insider threat. In: Proceedings of the 5th Annual Conference on Research in Information Technology, pp. 35\u201340. ACM, Boston (2016)","DOI":"10.1145\/2978178.2978185"},{"key":"11_CR24","doi-asserted-by":"crossref","unstructured":"Eftimie, S., Cotenescu, V., R\u0103cuciu, C., Gl\u0103van, D.: A case study in anticipating insider vulnerabilities using psychological profiling. In: Proceedings of the IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom), pp. 1\u20134. IEEE, Bucharest (2021)","DOI":"10.1109\/BlackSeaCom52164.2021.9527896"},{"key":"11_CR25","doi-asserted-by":"publisher","first-page":"101908","DOI":"10.1016\/j.cose.2020.101908","volume":"96","author":"N Elmrabit","year":"2020","unstructured":"Elmrabit, N., Yang, S., Yang, L., Zhou, H.: Insider threat risk prediction based on Bayesian network. Comput. Secur. 96, 101908 (2020)","journal-title":"Comput. Secur."},{"key":"11_CR26","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/s10796-010-9265-x","volume":"15","author":"F Farahmand","year":"2013","unstructured":"Farahmand, F., Spafford, E.H.: Understanding insiders: an analysis of risk-taking behavior. Inf. Syst. Front. 15, 5\u201315 (2013)","journal-title":"Inf. Syst. Front."},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"Faresi, A.A., Wijesekera, D.: Preemptive mechanism to prevent health data privacy leakage. In: Proceedings of the International Conference on Management of Emergent Digital EcoSystems, pp. 17\u201324. ACM, San Francisco (2011)","DOI":"10.1145\/2077489.2077493"},{"key":"11_CR28","doi-asserted-by":"publisher","first-page":"102082","DOI":"10.1016\/j.cose.2020.102082","volume":"100","author":"S Farshadkhah","year":"2021","unstructured":"Farshadkhah, S., Van Slyke, C., Fuller, B.: Onlooker effect and affective responses in information security violation mitigation. Comput. Secur. 100, 102082 (2021)","journal-title":"Comput. Secur."},{"issue":"2","key":"11_CR29","first-page":"130","volume":"10","author":"M Fishbein","year":"1977","unstructured":"Fishbein, M., Ajzen, I.: Belief, Attitude, Intention, and Behavior: An Introduction to Theory and Research. Philos. Rhetor. 10(2), 130\u2013132 (1977)","journal-title":"Philos. Rhetor."},{"key":"11_CR30","doi-asserted-by":"crossref","unstructured":"Gamachchi, A., Bozta\u015f, S.: Web access patterns reveal insiders behavior. In: Proceedings of the International Workshop on Signal Design and its Applications in Communications (IWSDA), pp. 70\u201374. IEEE, Bengaluru (2015)","DOI":"10.1109\/IWSDA.2015.7458417"},{"issue":"6","key":"11_CR31","first-page":"1","volume":"1","author":"IA Gheyas","year":"2016","unstructured":"Gheyas, I.A., Abdallah, A.E.: Detection and prediction of insider threats to cyber security: a systematic literature review and meta-analysis. Big Data Analytics 1(6), 1\u201329 (2016)","journal-title":"Big Data Analytics"},{"key":"11_CR32","doi-asserted-by":"publisher","first-page":"734","DOI":"10.1057\/sj.2015.13","volume":"30","author":"M Gill","year":"2017","unstructured":"Gill, M., Crane, S.: The role and importance of trust: a study of the conditions that generate and undermine sensitive information sharing. Secur. J. 30, 734\u2013748 (2017)","journal-title":"Secur. J."},{"issue":"1","key":"11_CR33","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1037\/0003-066X.48.1.26","volume":"48","author":"LR Goldberg","year":"1993","unstructured":"Goldberg, L.R.: The structure of phenotypic personality traits. Am. Psychol. 48(1), 26\u201334 (1993)","journal-title":"Am. Psychol."},{"key":"11_CR34","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s42979-021-00990-1","volume":"3","author":"FL Greitzer","year":"2022","unstructured":"Greitzer, F.L., Purl, J.: The dynamic nature of insider threat indicators. SN Comput. Sci. 3, 1\u201315 (2022)","journal-title":"SN Comput. Sci."},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Greitzer, F.L., Strozer, J.R., Cohen, S., Moore, A.P., Mundie, D., Cowley, J.: Analysis of unintentional insider threats deriving from social engineering exploits. In: Proceedings of the IEEE Security and Privacy Workshops, pp. 236\u2013250. IEEE (2014)","DOI":"10.1109\/SPW.2014.39"},{"key":"11_CR36","first-page":"103378","volume":"71","author":"P Harms","year":"2022","unstructured":"Harms, P., Marbut, A., Johnston, A.C., Lester, P., Fezzey, T.: Exposing the darkness within: a review of dark personality traits, models, and measures and their relationship to insider threats. J. Inf. Secur. Appl. 71, 103378 (2022)","journal-title":"J. Inf. Secur. Appl."},{"key":"11_CR37","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/s10551-016-3368-3","volume":"153","author":"A Harrison","year":"2018","unstructured":"Harrison, A., Summers, J., Mennecke, B.: The effects of the dark triad on unethical behavior. J. Bus. Ethics 153, 53\u201377 (2018)","journal-title":"J. Bus. Ethics"},{"key":"11_CR38","doi-asserted-by":"crossref","unstructured":"Hashem, Y., Takabi, H., Dantu, R., Nielsen, R.: A multi-modal neuro-physiological study of malicious insider threats. In: Proceedings of the 2017 International Workshop on Managing Insider Security Threats, pp. 33\u201344. ACM, Dallas","DOI":"10.1145\/3139923.3139930"},{"issue":"2","key":"11_CR39","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1177\/1094428120986851","volume":"26","author":"M Hiebl","year":"2023","unstructured":"Hiebl, M.: Sample selection in systematic literature reviews of management research. Organ. Res. Methods 26(2), 229\u2013261 (2023)","journal-title":"Organ. Res. Methods"},{"issue":"8","key":"11_CR40","first-page":"1555","volume":"65","author":"SM Ho","year":"2014","unstructured":"Ho, S.M., Benbasat, I.: Dyadic attribution model: a mechanism to assess trustworthiness in virtual organizations. J. Am. Soc. Inf. Sci. 65(8), 1555\u20131576 (2014)","journal-title":"J. Am. Soc. Inf. Sci."},{"key":"11_CR41","doi-asserted-by":"crossref","unstructured":"Ho, S.M., Hancock, J.T., Booth, C., Burmester, M., Liu, X., Timmarajus, S.S.: Demystifying insider threat: language-action cues in group dynamics. In: Proceedings of the 49th Hawaii International Conference on System Sciences (HICSS), pp. 2729\u20132738. IEEE, Koloa (2016)","DOI":"10.1109\/HICSS.2016.343"},{"key":"11_CR42","doi-asserted-by":"publisher","first-page":"377","DOI":"10.1007\/s10796-015-9599-5","volume":"19","author":"SM Ho","year":"2017","unstructured":"Ho, S.M., Warkentin, M.: Leader\u2019s dilemma game: an experimental design for cyber insider threat research. Inf. Syst. Front. 19, 377\u2013396 (2017)","journal-title":"Inf. Syst. Front."},{"issue":"9","key":"11_CR43","doi-asserted-by":"publisher","first-page":"805","DOI":"10.1038\/nbt.4240","volume":"36","author":"M Ienca","year":"2018","unstructured":"Ienca, M., Haselager, P., Emanuel, E.J.: Brain leaks and consumer neurotechnology. Nat. Biotechnol. 36(9), 805\u2013810 (2018)","journal-title":"Nat. Biotechnol."},{"key":"11_CR44","doi-asserted-by":"crossref","unstructured":"Jiang, J., et al.: Prediction and detection of malicious insiders\u2019 motivation based on sentiment profile on webpages and emails. In: Proceedings of the IEEE Military Communications Conference (MILCOM), pp. 1\u20136. IEEE, Los Angeles (2018)","DOI":"10.1109\/MILCOM.2018.8599790"},{"key":"11_CR45","doi-asserted-by":"crossref","unstructured":"Jiang, J., et al.: Warder: online insider threat detection system using multi-feature modeling and graph-based correlation. In: Proceedings of the IEEE Military Communications Conference (MILCOM), pp. 1\u20136. IEEE, Norfolk (2019)","DOI":"10.1109\/MILCOM47813.2019.9020931"},{"key":"11_CR46","doi-asserted-by":"publisher","first-page":"21391","DOI":"10.1007\/s11071-023-08954-1","volume":"111","author":"X Kan","year":"2023","unstructured":"Kan, X., et al.: User-level malicious behavior analysis model based on the NMF-GMM algorithm and ensemble strategy. Nonlinear Dyn. 111, 21391\u201321408 (2023)","journal-title":"Nonlinear Dyn."},{"key":"11_CR47","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1007\/s10111-021-00690-z","volume":"24","author":"N Khan","year":"2022","unstructured":"Khan, N., Houghton, R.J., Sharples, S.: Understanding factors that influence unintentional insider threat: a framework to counteract unintentional risks. Cogn. Technol. Work 24, 393\u2013421 (2022)","journal-title":"Cogn. Technol. Work"},{"issue":"Suppl 1","key":"11_CR48","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1007\/s13198-021-01378-3","volume":"13","author":"K Kisenasamy","year":"2022","unstructured":"Kisenasamy, K., Perumal, S., Raman, V., Singh, B.: Influencing factors identification in smart society for insider threat in law enforcement agency using a mixed method approach. Int. J. Syst. Assur. Eng. Manage. 13(Suppl 1), 236\u2013251 (2022)","journal-title":"Int. J. Syst. Assur. Eng. Manage."},{"key":"11_CR49","doi-asserted-by":"publisher","first-page":"2049","DOI":"10.1016\/j.infsof.2013.07.010","volume":"55","author":"B Kitchenham","year":"2013","unstructured":"Kitchenham, B., Brereton, P.: A systematic review of systematic review process research in software engineering. Inf. Softw. Technol. 55, 2049\u20132075 (2013)","journal-title":"Inf. Softw. Technol."},{"key":"11_CR50","doi-asserted-by":"crossref","unstructured":"K\u00f8ien, G.M.: Why cryptosystems fail revisited. Wireless Pers. Commun. 106, 85\u2013117","DOI":"10.1007\/s11277-019-06265-6"},{"key":"11_CR51","doi-asserted-by":"crossref","unstructured":"Kritika, M.: A comprehensive study on navigating neuroethics in cyberspace. AI Ethics (Published oline in May), 1\u20138 (2024)","DOI":"10.1007\/s43681-024-00486-7"},{"key":"11_CR52","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s42400-019-0043-x","volume":"3","author":"R Lahcen","year":"2020","unstructured":"Lahcen, R., Caulkins, B., Mohapatra, R., Kumar, M.: Review and insight on the behavioral aspects of cybersecurity. Cybersecurity 3, 1\u201318 (2020)","journal-title":"Cybersecurity"},{"key":"11_CR53","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/s10111-023-00727-5","volume":"25","author":"D Lee","year":"2023","unstructured":"Lee, D., Lallie, H.S., Michaelides, N.: The impact of an employee\u2019s psychological contract breach on compliance with information security policies: intrinsic and extrinsic motivation. Cogn. Technol. Work 25, 273\u2013289 (2023)","journal-title":"Cogn. Technol. Work"},{"issue":"2","key":"11_CR54","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1109\/JSYST.2015.2438442","volume":"11","author":"PA Legg","year":"2017","unstructured":"Legg, P.A., Buckley, O., Goldsmith, M., Creese, S.: Automated insider threat detection system using user and role-based profile assessment. IEEE Syst. J. 11(2), 503\u2013512 (2017)","journal-title":"IEEE Syst. J."},{"key":"11_CR55","doi-asserted-by":"crossref","unstructured":"Li, C., Li, F., Yu, M., Guo, Y., Wen, Y., Li, Z.: Insider threat detection using generative adversarial graph attention networks. In: Proceedings of the IEEE Global Communications Conference (GLOBECOM), pp. 2680\u20132685. IEEE, Rio de Janeiro (2022)","DOI":"10.1109\/GLOBECOM48099.2022.10001207"},{"key":"11_CR56","doi-asserted-by":"publisher","first-page":"679","DOI":"10.1007\/s10869-023-09885-9","volume":"39","author":"AR Marbut","year":"2024","unstructured":"Marbut, A.R., Harms, P.D.: Fiends and fools: a narrative review and neo-socioanalytic perspective on personality and insider threats. J. Bus. Psychol. 39, 679\u2013696 (2024)","journal-title":"J. Bus. Psychol."},{"key":"11_CR57","doi-asserted-by":"crossref","unstructured":"Martinez-Moyano, I.J., Rich, E.H., Conrad, S.H., Andersen, D.F.: Modeling the emergence of insider threat vulnerabilities. In: Proceedings of the Winter Simulation Conference, pp. 562\u2013568. IEEE, Monterey (2006)","DOI":"10.1109\/WSC.2006.323130"},{"key":"11_CR58","doi-asserted-by":"crossref","unstructured":"Mathews, R.: Interrogating \u201cPrivacy\u201d in a world brimming with high political entanglements, surveillance, interdependence & interconnections. Health Technol. 7, 265\u2013324 (2017)","DOI":"10.1007\/s12553-017-0211-5"},{"key":"11_CR59","doi-asserted-by":"crossref","unstructured":"Mekonnen, S., Padayachee, K., Meshesha, M.: A privacy preserving context-aware insider threat prediction and prevention model predicated on the components of the fraud diamond. In: Proceedings of the Annual Global Online Conference on Information and Computer Technology (GOCICT), pp. 60\u201365. IEEE, Louisville (2015)","DOI":"10.1109\/GOCICT.2015.20"},{"key":"11_CR60","doi-asserted-by":"crossref","unstructured":"Mittal, A., Garg, U.: Prediction and detection of insider threat detection using emails: a comparision. In: Proceedings of the Second International Conference on Electrical, Electronics, Information and Communication Technologies (ICEEICT), pp. 1\u20136. Trichirappalli (2023)","DOI":"10.1109\/ICEEICT56924.2023.10157297"},{"key":"11_CR61","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Cassidy, T.M., Theis, M.C., Bauer, D., Rousseau, D.M., Moore, S.B.: Balancing organizational incentives to counter insider threat. In: Proceedings of the IEEE Security and Privacy Workshops (SPW), pp. 237\u2013246. IEEE (2018)","DOI":"10.1109\/SPW.2018.00039"},{"key":"11_CR62","doi-asserted-by":"crossref","unstructured":"Munshi, A., Dell, P., Armstrong, H.: Insider threat behavior factors: a comparison of theory with reported incidents. In: Proceedings of the 45th Hawaii International Conference on System Sciences, pp. 2402\u20132411. IEEE, Maui (2021)","DOI":"10.1109\/HICSS.2012.326"},{"issue":"9","key":"11_CR63","first-page":"381","volume":"27","author":"A Nightingale","year":"2009","unstructured":"Nightingale, A.: A guide to systematic literature reviews. Surgery 27(9), 381\u2013384 (2009)","journal-title":"Surgery"},{"key":"11_CR64","doi-asserted-by":"crossref","unstructured":"Nurse, J.R.C., et al.: Understanding insider threat: a framework for characterising attacks. In: Proceedings of the IEEE Security and Privacy Workshops, pp. 214\u2013228. IEEE, San Jose (2014)","DOI":"10.1109\/SPW.2014.38"},{"key":"11_CR65","doi-asserted-by":"crossref","unstructured":"Osterritter, L., Carley, K.M.: Conversations around organizational risk and insider threat. In: Proceedings of the 2021 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining, pp. 613\u2013621. ACM (2021)","DOI":"10.1145\/3487351.3492721"},{"key":"11_CR66","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/s00187-022-00335-w","volume":"33","author":"R Othman","year":"2022","unstructured":"Othman, R., Ameer, R.: In employees we trust: employee fraud in small businesses. J. Manage. Control 33, 189\u2013213 (2022)","journal-title":"J. Manage. Control"},{"issue":"6","key":"11_CR67","doi-asserted-by":"publisher","first-page":"556","DOI":"10.1016\/S0092-6566(02)00505-6","volume":"36","author":"DL Paulhouse","year":"2002","unstructured":"Paulhouse, D.L., Williams, K.M.: The dark triad of personality: narcissism, Machiavellianism, and psychopathy. J. Res. Pers. 36(6), 556\u2013563 (2002)","journal-title":"J. Res. Pers."},{"key":"11_CR68","doi-asserted-by":"crossref","unstructured":"Petersen, K., Feldt, R., Mujtaba, S., Mattson, M.: Systematic mapping studies in software engineering. In: Proceedings of the 12th International Conference on Evaluation and Assessment in Software Engineering (EASE), pp. 68\u201377. BCS Learning & Development Ltd., Italy (2008)","DOI":"10.14236\/ewic\/EASE2008.8"},{"issue":"1","key":"11_CR69","first-page":"97","volume":"1","author":"DD Petkus","year":"2010","unstructured":"Petkus, D.D.: Ethics of human intelligence operations: Of MICE and men. Int. J. Intell. Ethics 1(1), 97\u2013121 (2010)","journal-title":"Int. J. Intell. Ethics"},{"issue":"5","key":"11_CR70","first-page":"602","volume":"31","author":"S Prabhu","year":"2022","unstructured":"Prabhu, S., Thompson, N.: A primer on insider threats in cybersecurity. Inf. Secur. J.: Global Perspect. 31(5), 602\u2013611 (2022)","journal-title":"Inf. Secur. J.: Global Perspect."},{"issue":"2","key":"11_CR71","doi-asserted-by":"publisher","first-page":"258","DOI":"10.1177\/1362480617707948","volume":"22","author":"SJ Prins","year":"2018","unstructured":"Prins, S.J., Reich, A.: Can we avoid reductionism in risk reduction? Theor. Criminol. 22(2), 258\u2013278 (2018)","journal-title":"Theor. Criminol."},{"key":"11_CR72","doi-asserted-by":"crossref","unstructured":"Ren, X., Wang, L.: A hybrid intelligent system for insider threat detection using iterative attention. In: Proceedings of 2020 6th International Conference on Computing and Data Engineering, pp. 189\u2013194. ACM (2020)","DOI":"10.1145\/3379247.3379251"},{"key":"11_CR73","doi-asserted-by":"publisher","first-page":"103877","DOI":"10.1016\/j.im.2023.103877","volume":"61","author":"K Renaud","year":"2024","unstructured":"Renaud, K., Warkentin, M., Pogrebna, G., van der Schyff, K.: VISTA: an inclusive insider threat taxonomy, with mitigation strategies. Inf. Manage. 61, 103877 (2024)","journal-title":"Inf. Manage."},{"key":"11_CR74","doi-asserted-by":"crossref","unstructured":"Roy, K.C., Chen, G.: GraphCH: a deep framework for assessing cyber-human aspects in insider threat detection. IEEE Trans. Dependable Secure Comput. (Preprint), 1\u201315 (2024)","DOI":"10.1109\/TDSC.2024.3353929"},{"key":"11_CR75","unstructured":"Ruohonen, J., Hjerppe, K., Kortesuo, K.: Crisis Communication in the Face of Data Breaches (2024). Archived manuscript. Available online in June: https:\/\/arxiv.org\/abs\/2406.01744"},{"key":"11_CR76","doi-asserted-by":"crossref","unstructured":"Ruohonen, J., Hjerppe, K., von Zastrow, M.: An exploratory case study on data breach journalism. In: Proceedings of the 19th International Conference on Availability, Reliability and Security (ARES 2024), pp. 1\u20139. ACM, Vienna (2024)","DOI":"10.1145\/3664476.3670456"},{"key":"11_CR77","doi-asserted-by":"publisher","first-page":"587","DOI":"10.1016\/j.future.2019.03.024","volume":"97","author":"NS Safa","year":"2019","unstructured":"Safa, N.S., et al.: Deterrence and prevention-based model to mitigate information security insider threats in organisations. Futur. Gener. Comput. Syst. 97, 587\u2013597 (2019)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"11_CR78","first-page":"247","volume":"40","author":"NS Safa","year":"2018","unstructured":"Safa, N.S., Maple, C., Watson, T., Von Solms, R.: Motivation and opportunity based model to reduce information security insider threats in organisations. J. Inf. Secur. Appl. 40, 247\u2013257 (2018)","journal-title":"J. Inf. Secur. Appl."},{"issue":"2","key":"11_CR79","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1109\/EMR.2019.2917656","volume":"47","author":"GL Sanders","year":"2019","unstructured":"Sanders, G.L., Upadhyaya, S., Wang, X.: Inside the insider. IEEE Eng. Manage. Rev. 47(2), 84\u201391 (2019)","journal-title":"IEEE Eng. Manage. Rev."},{"issue":"2","key":"11_CR80","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1109\/TSMCA.2011.2162500","volume":"42","author":"E Santos","year":"2012","unstructured":"Santos, E., et al.: Intelligence analyses and the insider threat. IEEE Trans. Syst., Man, Cybern.- Part A: Syst. Hum. 42(2), 331\u2013347 (2012)","journal-title":"IEEE Trans. Syst., Man, Cybern.- Part A: Syst. Hum."},{"key":"11_CR81","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1016\/j.istr.2010.11.002","volume":"15","author":"KR Sarkar","year":"2010","unstructured":"Sarkar, K.R.: Assessing insider threats to information security using technical, behavioural and organisational measures. Inf. Secur. Tech. Rep. 15, 112\u2013133 (2010)","journal-title":"Inf. Secur. Tech. Rep."},{"issue":"3","key":"11_CR82","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1109\/TTS.2022.3192767","volume":"3","author":"JR Schoenherr","year":"2022","unstructured":"Schoenherr, J.R.: Insider threats and individual differences: intention and unintentional motivations. IEEE Trans. Technol. Soc. 3(3), 175\u2013184 (2022)","journal-title":"IEEE Trans. Technol. Soc."},{"key":"11_CR83","doi-asserted-by":"crossref","unstructured":"Schoenherr, J.R., Thomson, R.: The cybersecurity (CSEC) questionnaire: individual differences in unintentional insider threat behaviours. In: Proceedings of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), pp. 1\u20138. IEEE, Dublin (2021)","DOI":"10.1109\/CyberSA52016.2021.9478213"},{"key":"11_CR84","doi-asserted-by":"publisher","first-page":"1385","DOI":"10.1007\/s10207-023-00697-9","volume":"22","author":"H Sepehrzadeh","year":"2023","unstructured":"Sepehrzadeh, H.: A method for insider threat assessment by modeling the internal employee interactions. Int. J. Inf. Secur. 22, 1385\u20131393 (2023)","journal-title":"Int. J. Inf. Secur."},{"key":"11_CR85","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1016\/j.eswa.2019.05.043","volume":"135","author":"C Soh","year":"2019","unstructured":"Soh, C., Yu, S., Narayanan, A., Duraisamy, S., Chen, L.: Employee profiling via aspect-based sentiment and network for Isider threats detection. Expert Syst. Appl. 135, 351\u2013361 (2019)","journal-title":"Expert Syst. Appl."},{"key":"11_CR86","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/s10588-016-9220-6","volume":"22","author":"JA Sokolowski","year":"2016","unstructured":"Sokolowski, J.A., Banks, C.M., Dover, T.J.: An agent-based approach to modeling insider threat. Comput. Math. Organ. Theory 22, 273\u2013287 (2016)","journal-title":"Comput. Math. Organ. Theory"},{"key":"11_CR87","doi-asserted-by":"crossref","unstructured":"Sokolowski, J.A., Banks, C.M.: An agent-based approach to modeling insider threat. In: Proceedings of the Symposium on Agent-Directed Simulation, pp. 36\u201341. ACM, San Diego (2015)","DOI":"10.1109\/WSC.2015.7408170"},{"key":"11_CR88","doi-asserted-by":"publisher","first-page":"350","DOI":"10.1007\/s10588-016-9209-1","volume":"22","author":"PJ Sticha","year":"2016","unstructured":"Sticha, P.J., Axelrad, E.T.: Using dynamic models to support inferences of insider threat risk. Comput. Math. Organ. Theory 22, 350\u2013381 (2016)","journal-title":"Comput. Math. Organ. Theory"},{"key":"11_CR89","doi-asserted-by":"crossref","unstructured":"Szanto, T., Landweer, H.: Introduction: the phenomenology of emotions\u2014above and beyond \u2019What It Is Like to Feel\u2019. In: Szanto, T., Landweer, H. (eds.) The Routledge Handbook of Phenomenology of Emotion, pp. 1\u201337. Routledge, Oxford (2020)","DOI":"10.4324\/9781315180786-1"},{"key":"11_CR90","doi-asserted-by":"crossref","unstructured":"Takabi, H., Jafarian, J.H.: Insider threat mitigation using moving target defense and deception. In: Proceedings of the 2017 International Workshop on Managing Insider Security Threats, pp. 93\u201396. ACM (2017)","DOI":"10.1145\/3139923.3139935"},{"key":"11_CR91","doi-asserted-by":"crossref","unstructured":"Uebelacker, S., Quiel, S.: The social engineering personality framework. In: Proceedings of the Workshop on Socio-Technical Aspects in Security and Trust, pp. 24\u201330. IEEE, Vienna (2014)","DOI":"10.1109\/STAST.2014.12"},{"key":"11_CR92","doi-asserted-by":"crossref","unstructured":"Whitelaw, F., Riley, J., Elmrabit, N.: A review of the insider threat, a practitioner perspective within the U.K. financial services. IEEE Access 12, 34752\u201334768 (2024)","DOI":"10.1109\/ACCESS.2024.3373265"},{"key":"11_CR93","doi-asserted-by":"publisher","first-page":"403","DOI":"10.1057\/palgrave.ejis.3000592","volume":"15","author":"R Willison","year":"2006","unstructured":"Willison, R., Backhouse, J.: Opportunities for computer crime: considering systems risk from a criminological perspective. Eur. J. Inf. Syst. 15, 403\u2013414 (2006)","journal-title":"Eur. J. Inf. Syst."},{"key":"11_CR94","doi-asserted-by":"crossref","unstructured":"Yang, G., Cai, L., Yu, A., Ma, J., Meng, D., Wu, Y.: Potential malicious insiders detection based on a comprehensive security psychological model. In: Proceedings of the IEEE Fourth International Conference on Big Data Computing Service and Applications (BigDataService), pp. 9\u201316. Bamberg (2018)","DOI":"10.1109\/BigDataService.2018.00011"},{"issue":"6","key":"11_CR95","doi-asserted-by":"publisher","first-page":"3838","DOI":"10.1109\/TEM.2021.3059240","volume":"69","author":"VA Yerdon","year":"2022","unstructured":"Yerdon, V.A., Lin, J., Wohleber, R.W., Matthews, G., Reinerman-Jones, L., Hancock, P.A.: Eye-tracking active indicators of insider threats: detecting illicit activity during normal workflow. IEEE Trans. Eng. Manage. 69(6), 3838\u20133847 (2022)","journal-title":"IEEE Trans. Eng. Manage."},{"key":"11_CR96","doi-asserted-by":"crossref","unstructured":"Yousef, R., Jazzar, M., Eleyan, A., Bejaoui, T.: A machine learning framework & development for insider cyber-crime threats detection. In: Proceedings of the International Conference on Smart Applications, Communications and Networking (SmartNets), pp. 1\u20136. IEEE, Istanbul (2023)","DOI":"10.1109\/SmartNets58706.2023.10215718"},{"key":"11_CR97","doi-asserted-by":"crossref","unstructured":"Zaytsev, A., Malyuk, A., Miloslavskaya, N.: Critical analysis in the research area of insider threats. In: Proceedings of the IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 288\u2013296. IEEE, Prague (2017)","DOI":"10.1109\/FiCloud.2017.16"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Digital Forensics and Cyber Crime"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-89363-6_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,24]],"date-time":"2025-05-24T08:02:54Z","timestamp":1748073774000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-89363-6_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031893629","9783031893636"],"references-count":97,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-89363-6_11","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"25 May 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICDF2C","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Digital Forensics and Cyber Crime","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Dubrovnik","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Croatia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icdf2c2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icdf2c.eai-conferences.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}