Organizations' readiness for insider attacks: A process-oriented approach

Context: Organizations constantly strive to protect their assets from outsider attacks by implementing various security controls, such as data encryption algorithms, intrusion detection software, firewalls, and antivirus programs. Unfortunately, attackers strike not only from outside the organization but also from within. Such internal attacks are called insider attacks or threats, and the people responsible for them are insider attackers or insider threat agents. Insider attacks pose more significant risks and can result in greater organizational losses than outsider attacks. Thus, every organization should be vigilant regarding such attackers to protect its valuable resources from harm. Finding solutions to protect organizations from such attacks is critical. Despite the importance of this topic, little research has been conducted on providing solutions to mitigate insider attacks. Objective: This study aims to develop an organizational readiness model to assess an organization's readiness for insider attacks. Method: We conducted a multivocal literature review to identify practices that can be used to assess organizations' readiness against insider attacks. These practices were grouped into different knowledge areas of insider attacks for organizations. The insider attack readiness model was developed using identified best practices and knowledge areas: compliance, top management, human resources, and technical. Results: This model was evaluated at two levels—academic and real-world environments. The evaluation results show that the proposed model can identify organizations' readiness against insider attacks. Conclusion: The proposed model can guide organizations through a secure environment against insider attacks.