‘Insider Threats’ in Organisations

Insider threats constitute a security risk for all organisations in the Netherlands. Both large companies and small and medium-sized enterprises (SMEs) face the risk that employees with privileged access to organisational assets may cause harm, either intentionally or unintentionally. For example, a former employee may delete data from a server using remote access, an organisational partner may compromise data by sharing it through insecure channels, or an intern may post a photo on social media that reveals sensitive organisational information.

The research

Within the Cybercrime & Cybersecurity research group, a research line on ‘insider threats’ has been initiated to enhance the security of organisations in the Netherlands. An initial mixed-methods study was carried out to lay the foundations of the research line. The study aimed at obtaining an overview of the prevalence, incidence, frequency, and consequences of insider incidents among Dutch SMEs, as well as the cybersecurity measures they implement. Additionally, a protocol to conduct a PRISMA systematic scoping review of the empirical literature on insider threats was registered.

Partners

The research is a collaboration between the Netherlands Institute for the Study of Crime and Law Enforcement (NSCR) and the Centre of Expertise Cyber Security at The Hague University of Applied Sciences.

Progress and results

The research started in 2021 and resulted in the following publication in 2023, which are available online (English):

• Moneva, A., & Leukfeldt, E. R. (2023). Insider threats among Dutch SMEs: Nature and extent of incidents, and cyber security measures. Journal of Criminology, 56(4). https://doi.org/10.1177/26338076231161842
• Moneva, A., Leukfeldt, E. R., & Trinidad, A. (2022, March 11). Protocol – A Systematic Scoping Review of the Empirical Literature on Insider Cyber Threats. https://doi.org/10.17605/OSF.IO/HVMUA

Contact

Asier Moneva – [email protected]