{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T23:22:32Z","timestamp":1772061752515,"version":"3.50.1"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319076195","type":"print"},{"value":"9783319076201","type":"electronic"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-07620-1_24","type":"book-chapter","created":{"date-parts":[[2014,6,10]],"date-time":"2014-06-10T12:55:03Z","timestamp":1402404903000},"page":"270-281","source":"Crossref","is-referenced-by-count":22,"title":["A Critical Reflection on the Threat from Human Insiders \u2013 Its Nature, Industry Perceptions, and Detection Approaches"],"prefix":"10.1007","author":[{"given":"Jason R. C.","family":"Nurse","sequence":"first","affiliation":[]},{"given":"Philip A.","family":"Legg","sequence":"additional","affiliation":[]},{"given":"Oliver","family":"Buckley","sequence":"additional","affiliation":[]},{"given":"Ioannis","family":"Agrafiotis","sequence":"additional","affiliation":[]},{"given":"Gordon","family":"Wright","sequence":"additional","affiliation":[]},{"given":"Monica","family":"Whitty","sequence":"additional","affiliation":[]},{"given":"David","family":"Upton","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Goldsmith","sequence":"additional","affiliation":[]},{"given":"Sadie","family":"Creese","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"24_CR1","unstructured":"Computer Economics: Malicious insider threats (2010), \n                    \n                      http:\/\/www.computereconomics.com\/page.cfm?name=Insider_Threats"},{"key":"24_CR2","unstructured":"Ponemon Institute and Attachmate Corporation: The risk of insider fraud second annual study: Executive summary (2013), \n                    \n                      http:\/\/www.attachmate.com\/resources\/analyst-papers\/bridge-ponemon-insider-fraud-survey.htm"},{"key":"24_CR3","unstructured":"PricewaterhouseCoopers: The global state of information security\u00ae 2014 (2013), \n                    \n                      http:\/\/www.pwc.com\/gx\/en\/consulting-services\/information-security-survey\/index.jhtml"},{"key":"24_CR4","unstructured":"PricewaterhouseCoopers: US state of cybercrime survey (2013), \n                    \n                      http:\/\/www.pwc.com\/us\/en\/increasing-it-effectiveness\/publications\/us-state-of-cybercrime.jhtml"},{"key":"24_CR5","unstructured":"Whitty, M., Wright, G.: Deliverable 3.1 - Short report of findings from Case Studies (Corporate Insider Threat Detection project), Leicester University Report (2013)"},{"key":"24_CR6","unstructured":"Cappelli, D.M., Moore, A.P., Trzeciak, R.F.: The CERT Guide to Insider Threats. Addison-Wesley (2012)"},{"key":"24_CR7","unstructured":"McAfee and Evalueserve: State of security (2011), \n                    \n                      http:\/\/www.mcafee.com\/us\/resources\/white-papers\/wp-state-of-security.pdf"},{"key":"24_CR8","unstructured":"PricewaterhouseCoopers: Cybercrime: Protecting against the growing threat (2012), \n                    \n                      http:\/\/www.pwc.tw\/en\/publications\/events-and-trends\/e256.jhtml"},{"issue":"1","key":"24_CR9","first-page":"4","volume":"2","author":"J. Hunker","year":"2011","unstructured":"Hunker, J., Probst, C.W.: Insiders and insider threats \u2013 an overview of definitions and mitigation techniques. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications\u00a02(1), 4\u201327 (2011)","journal-title":"Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications"},{"key":"24_CR10","unstructured":"Kroll Advisory Solutions and Economist Intelligence Unit: The global fraud report 2012\/13 (2012), \n                    \n                      http:\/\/www.kroll.com\/library\/KRL_FraudReport2012-13.pdf"},{"key":"24_CR11","unstructured":"Shaw, E.D., Stock, H.V.: Behavioral risk indicators of malicious insider theft of intellectual property: Misreading the writing on the wall, Symantec Report (2011)"},{"key":"24_CR12","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Cappelli, D.M., Caron, T.C., Shaw, E., Spooner, D., Trzeciak, R.F.: A preliminary model of insider theft of intellectual property. Technical report, CMU-CERT (2011)","DOI":"10.21236\/ADA589594"},{"key":"24_CR13","unstructured":"Kaspersky: Threatpost series: Insider threats (2011), \n                    \n                      http:\/\/usa.kaspersky.com\/resources\/knowledge-center\/threatpost"},{"key":"24_CR14","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Cappelli, D.M., Trzeciak, R.F.: The \u201cbig picture\u201d of insider IT sabotage across U.S. critical infrastructures. Technical report, CMU-CERT (2008)","DOI":"10.21236\/ADA482452"},{"key":"24_CR15","unstructured":"FBI: Fannie Mae corporate intruder sentenced to over three years in prison for attempting to wipe out fannie mae financial data (2010), \n                    \n                      http:\/\/www.fbi.gov\/baltimore\/press-releases\/2010\/ba121710.htm"},{"key":"24_CR16","unstructured":"Allen, B.: The accidental insider threat: Is your organization ready (expert voices panel) (2012), \n                    \n                      http:\/\/www.boozallen.com\/media\/file\/Accidental-Insider-Threat-Panel-Discussion-Transcript.pdf"},{"key":"24_CR17","unstructured":"Credant: Insider threat (2011), \n                    \n                      http:\/\/go.credant.com\/campaigns-insider"},{"key":"24_CR18","unstructured":"Clearswift: The enemy within: an emerging threat (2013), \n                    \n                      http:\/\/www.clearswift.com\/blog\/2013\/05\/02\/enemy-within-emerging-threat"},{"key":"24_CR19","unstructured":"Wall, D.S.: Organizational security and the insider threat: Malicious, negligent and well-meaning insiders. Technical report, Symantec (2011)"},{"key":"24_CR20","unstructured":"Turner, J.T., Gelles, M.: Threat assessment: A risk management approach. Routledge (2003)"},{"key":"24_CR21","unstructured":"CPNI: CPNI insider data collection study \u2013 report of main findings (2013), \n                    \n                      http:\/\/www.cpni.gov.uk\/Documents\/Publications\/2013\/2013003-insider_data_collection_study.pdf"},{"issue":"4","key":"24_CR22","doi-asserted-by":"publisher","first-page":"853","DOI":"10.1016\/j.dss.2008.11.013","volume":"46","author":"C. Holton","year":"2009","unstructured":"Holton, C.: Identifying disgruntled employee systems fraud risk through text mining: A simple solution for a multi-billion dollar problem. Decision Support Systems\u00a046(4), 853\u2013864 (2009)","journal-title":"Decision Support Systems"},{"key":"24_CR23","unstructured":"The Department for Business, Innovation and Skills (BIS) & PricewaterhouseCoopers: 2013 Information security breaches survey (2013)"},{"key":"24_CR24","unstructured":"Sky News: MoD secrets leaked onto the Internet (2010), \n                    \n                      http:\/\/news.sky.com\/story\/753966\/mod-secrets-leaked-onto-the-internet"},{"key":"24_CR25","unstructured":"Harrysson, M., Metayer, E., Sarrazin, H.: How not to unwittingly reveal company secrets (Harvard Business Review blog network) (2012), \n                    \n                      http:\/\/blogs.hbr.org\/2012\/12\/how-not-to-unwittingly-reveal\/"},{"key":"24_CR26","unstructured":"Kaspersky: Threatpost\u2019s insider threats survey (2011), \n                    \n                      http:\/\/usa.kaspersky.com\/resources\/knowledge-center\/threatpost"},{"issue":"12","key":"24_CR27","doi-asserted-by":"publisher","first-page":"3448","DOI":"10.1016\/j.comnet.2007.02.001","volume":"51","author":"A. Patcha","year":"2007","unstructured":"Patcha, A., Park, J.M.: An overview of anomaly detection techniques: Existing solutions and latest technological trends. Computer Networks\u00a051(12), 3448\u20133470 (2007)","journal-title":"Computer Networks"},{"key":"24_CR28","doi-asserted-by":"crossref","unstructured":"Salem, M., Hershkop, S., Stolfo, S.: A survey of insider attack detection research. In: Stolfo, S., Bellovin, S., Keromytis, A., Hershkop, S., Smith, S., Sinclair, S. (eds.) Insider Attack and Cyber Security. Advances in Information Security, vol.\u00a039, pp. 69\u201390. Springer US (2008)","DOI":"10.1007\/978-0-387-77322-3_5"},{"key":"24_CR29","doi-asserted-by":"crossref","unstructured":"Brdiczka, O., Liu, J., Price, B., Shen, J., Patil, A., Chow, R., Bart, E., Ducheneaut, N.: Proactive insider threat detection through graph learning and psychological context. In: IEEE Symposium on Security and Privacy Workshops (2012)","DOI":"10.1109\/SPW.2012.29"},{"issue":"2","key":"24_CR30","doi-asserted-by":"publisher","first-page":"25","DOI":"10.5038\/1944-0472.4.2.2","volume":"4","author":"F.L. Greitzer","year":"2011","unstructured":"Greitzer, F.L., Hohimer, R.E.: Modeling human behavior to anticipate insider attacks. Journal of Strategic Security\u00a04(2), 25\u201348 (2011)","journal-title":"Journal of Strategic Security"},{"key":"24_CR31","doi-asserted-by":"crossref","unstructured":"Greitzer, F.L., Kangas, L.J., Noonan, C.F., Dalton, A.C., Hohimer, R.E.: Identifying at-risk employees: Modeling psychosocial precursors of potential insider threats. In: 45th Hawaii International Conference on System Science. IEEE (2012)","DOI":"10.1109\/HICSS.2012.309"},{"key":"24_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/978-3-642-15152-1_3","volume-title":"Trust, Privacy and Security in Digital Business","author":"M. Kandias","year":"2010","unstructured":"Kandias, M., Mylonas, A., Virvilis, N., Theoharidou, M., Gritzalis, D.: An insider threat prediction model. In: Katsikas, S., Lopez, J., Soriano, M. (eds.) TrustBus 2010. LNCS, vol.\u00a06264, pp. 26\u201337. Springer, Heidelberg (2010)"},{"key":"24_CR33","doi-asserted-by":"crossref","unstructured":"Glasser, J., Lindauer, B.: Bridging the gap: A pragmatic approach to generating insider threat data. In: IEEE Symposium on Security and Privacy Workshops (2013)","DOI":"10.1109\/SPW.2013.37"},{"issue":"4","key":"24_CR34","first-page":"20","volume":"4","author":"P.A. Legg","year":"2013","unstructured":"Legg, P.A., Moffat, N., Nurse, J.R.C., Happa, J., Agrafiotis, I., Goldsmith, M., Creese, S.: Towards a conceptual model and reasoning structure for insider threat detection. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications\u00a04(4), 20\u201337 (2013)","journal-title":"Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications"}],"container-title":["Lecture Notes in Computer Science","Human Aspects of Information Security, Privacy, and Trust"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-07620-1_24","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,22]],"date-time":"2020-02-22T23:12:08Z","timestamp":1582413128000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-07620-1_24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319076195","9783319076201"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-07620-1_24","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014]]}}}