Date of Conferral

2-15-2024

Date of Award

February 2024

Degree

Doctor of Information Technology (D.I.T.)

School

Management

Advisor

Cynthia Phillips

Abstract

Some information technology (IT) security professionals lack strategies to protect against insider threats. This lack of strategy is concerning because of the widespread organizational damages from insider threat incidents within global organizations, which often lead to financial penalties against organizations and a lack of public trust. Based upon the total quality management model, the goal of this qualitative multiple-case study was to explore strategies IT security managers used to secure their organizations against threats from trusted insiders. Data were collected by conducting semi-structured interviews with five high-level network security practitioners specializing in insider threat mitigation. Five themes emerged during data analysis: risk acceptance and tolerance, operating environment limitations, employee profiling, proactive measures, and measurement of success. A key recommendation is for IT security managers to implement a risk register for security gaps in their organizations to improve their insider threat mitigation strategies. The potential implications for positive social change include bolstering the public’s confidence in the organizational safeguarding of personal information, leading to improved security relating to economic transactions.

Share

 
COinS