An assessment of opportunity-reducing techniques in information security: An insider threat perspective

摘要

This paper presents an evaluation of extant opportunity-reducing techniques employed to mitigate insider threats. Although both motive and opportunity are required to commit maleficence, this paper focuses on the concept of opportunity. Opportunity is more tangible than motive; hence it is more pragmatic to reflect on opportunity-reducing measures. To this end, opportunity theories from the field of criminology are considered. The exploratory evaluation proffers several areas of research and may assist organizations in implementing opportunity-reducing information security controls to mitigate insider threats. The evaluation is not definitive, but serves to inform future understanding.