从网络良性到网络恶意:基于阶段理论视角揭示内部人员网络恶意行为的演变

From cyber benign to cyber malicious: unveiling the evolution of insider cyber maliciousness from a stage theory perspective

European Journal of Information Systems · 2024
被引 2
ABS 4

中文导读

本研究通过跨行业内部人员访谈,采用阶段理论探索内部人员从良性到恶意网络行为的演变过程,揭示了驱动恶意行为的初始、后续和重复感知与情绪,为组织及时干预提供了新基础。

Abstract

Insider cyber maliciousness presents a significant challenge to organizational security. Existing research has focused on identifying determinants of malicious cyber behavior but has not accounted for the progression insiders go through in arriving at the point where they look to harm their employers. This knowledge gap prevents organizations from potentially derailing acts of cyber maliciousness through timely interventions. Based on interviews with a cross-industry sample of organizational insiders, this study adopts a stage theory development approach to explore the progression of insiders from cyber benign to cyber malicious. Stage theories are useful frameworks that help explain how individuals’ perceptions, emotions, and/or behaviors progress through distinct and qualitatively different stages of development. By uncovering the initial, subsequent, and recurring perceptions and emotions that drive insiders to engage in malicious cyber activities, this research contributes to a deeper understanding of the phenomenon. Our findings establish a new basis for understanding insider cyber maliciousness, presenting it as an evolutionary progression. As such, our findings also reorient the focus of malicious insider interventions toward strain-reducing or strain-relieving interventions based on the initial, subsequent, or recurring strain experiences.

信息安全组织行为内部威胁阶段理论