SaTC: CORE: Small: Thwarting the Malicious Insider Evolution Process: The Theory of Strained Betrayal
Suny At Albany, Albany NY
Investigators
Abstract
Data thefts by malicious insiders are a major threat to national security, as demonstrated by several recent high-profile data breaches attributed to government employees. Often, these breaches occur because loyal employees accumulate strain or become disgruntled due to a variety of psychological stressors such as social injustice, personal injustice, harassment, and overwork. Employees who reach a critical level of strain and who are unable to change their situation may develop negative feelings that can eventually lead to malicious behavior such as data theft. The Theory of Strained Betrayal, proposed by the project team, formalizes a model of this process of a loyal employee transforming into a malicious one that captures the dynamics of job strain manifestation and its culmination in malicious insider activity. This project's goal is to further develop both the theory and potential interventions to reduce employee strain, with the goal of both better understanding and ultimately reducing insider threat behavior. This project investigates insider threat activity in the context of situational factors that cause job strain in the employee who may then resort to malicious activity to reduce that strain, as described by the Theory of Strained Betrayal. In particular, the theory details the Insider Threat Kill Chain, which articulates two defining stages of the process: (1) the trigger point, when an employee is unable to find legitimate avenues for strain reduction and begins to seek opportunities for malicious activity such as data theft or sabotage; and (2) the tipping point, when the employee finds such an opportunity and conducts a malicious activity. Further, the theory posits that strain in individuals is moderated by dispositional factors and influenced by the individual's locus of control, culminating in malicious intentions and behaviors. To refine the theory, the research team will conduct a series of experimental studies designed to induce strain and measure people's willingness to exfiltrate insider data as a function of the amount of strain induced and any methods they have to release the strain, along with the dispositional factors described above. The team will also develop emotion-focused and problem-focused interventions aimed at disrupting the manifestation of malicious behavior originating from strain. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →