In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Tenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2016)
Title: The Threats that Insiders Pose to Critical Infrastructure – a South African Perspective
Author(s): Daryll Heneke, Jacques Ophoff, Adrie Stander
Keywords: Critical Infrastructure, Insider Threat, Information Security, Cyber Security
Abstract: Insider threat is reported less frequently than cyber-attacks yet remains an important information security risk in organisations. It is arguably more difficult to handle due to the access and knowledge of the insider. We report the results of a qualitative study across four critical infrastructure (defence, telecommunications, energy, and financial) organisations in South Africa on the perception and management of insider threat. The results show that the organisations have various cyber-security related plans in place, yet these are only not always enforced, monitored, or updated as the threat landscape changes. Within organisations insider threat is not always considered to be of strategic importance at the executive management level, leading to a lack of funding to mitigate risks. In order to reduce the risk of insider threats it is vitally important to create a culture of security compliance among all employees of the organisation. This should be driven by a top-down management approach. Where managers have taken responsibility, and were driving the awareness and compliance with security policies, the understanding and reduction of insider threats was clearly evident.
Download count: 995
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.