Biblio
Insider threats can cause immense damage to organizations of different types, including government, corporate, and non-profit organizations. Being an insider, however, does not necessarily equate to being a threat. Effectively identifying valid threats, and assessing the type of threat an insider presents, remain difficult challenges. In this work, we propose a novel breakdown of eight insider threat types, identified by using three insider traits: predictability, susceptibility, and awareness. In addition to presenting this framework for insider threat types, we implement a computational model to demonstrate the viability of our framework with synthetic scenarios devised after reviewing real world insider threat case studies. The results yield useful insights into how further investigation might proceed to reveal how best to gauge predictability, susceptibility, and awareness, and precisely how they relate to the eight insider types.
College students as digital natives suffer from cyberattacks that include social engineering and phishing attacks. Moreover, students as college computer users and as future employees may inadvertently commit cybercrimes as insiders. Cybersecurity awareness programs and training have been found to be effective in reducing the risk of successful cyberattacks related to human users. In this outline, we propose a three dimensional (3D) approach to cybersecurity awareness and training for college students.