search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

The Critical Role of Positive Incentives for Reducing Insider Threats

Technical Report
By
This report describes how positive incentives complement traditional practices to provide a better balance for organizations' insider threat programs.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2016-TR-014
DOI (Digital Object Identifier)
10.1184/R1/6585104.v1
Subjects

Abstract

Traditional insider threat practices involve negative incentives that attempt to force employees to act in the interests of the organization and, when relied on excessively, can result in negative unintended consequences that exacerbate insider threats. Positive incentives that attempt to encourage employees to act in the interests of the organization can complement negative incentives. In our research, we identified and analyzed three avenues for aligning the interests of the employee and the organization: job engagement, perceived organizational support, and connectedness with co-workers. Based on an analysis of three insider threat incidents and an exploratory survey of organizations, we developed a model of the disgruntled insider threat problem as it relates to dissatisfaction with the employing organization and the potential benefits associated with positive incentives that improve perceived organizational support and justice. To help organizations understand their options for using positive incentives as part of their insider threat program, we outline workforce management practices to improve employees' feelings of being supported by the organization. This research is a first step toward creating a well-grounded foundation on which insider threat programs can establish a more balanced and effective means of reducing insider threats, one that is a net positive for both the employee and the organization.

SHARE
Download PDF
Part of a Collection

Insider Threats During Pandemic Conditions

SEI 2016 Research Review
Cite This Technical Report

Moore, A., Perl, S., Cowley, J., Collins, M., Cassidy, T., VanHoudnos, N., Buttles-Valdez, P., Bauer, D., Parshall, A., Savinda, J., Monaco, E., Moyes, J., & Rousseau, D. (2016, December 15). The Critical Role of Positive Incentives for Reducing Insider Threats. (Technical Report CMU/SEI-2016-TR-014). Retrieved April 26, 2024, from https://doi.org/10.1184/R1/6585104.v1.

@techreport{moore_2016,
author={Moore, Andrew and Perl, Samuel and Cowley, Jennifer and Collins, Matthew and Cassidy, Tracy and VanHoudnos, Nathan and Buttles-Valdez, Palma and Bauer, Daniel and Parshall, Allison and Savinda, Jeff and Monaco, Elizabeth and Moyes, Jamie and Rousseau, Denise},
title={The Critical Role of Positive Incentives for Reducing Insider Threats},
month={Dec},
year={2016},
number={CMU/SEI-2016-TR-014},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6585104.v1},
note={Accessed: 2024-Apr-26}
}

Moore, Andrew, Samuel Perl, Jennifer Cowley, Matthew Collins, Tracy Cassidy, Nathan VanHoudnos, Palma Buttles-Valdez, Daniel Bauer, Allison Parshall, Jeff Savinda, Elizabeth Monaco, Jamie Moyes, and Denise Rousseau. "The Critical Role of Positive Incentives for Reducing Insider Threats." (CMU/SEI-2016-TR-014). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, December 15, 2016. https://doi.org/10.1184/R1/6585104.v1.

A. Moore, S. Perl, J. Cowley, M. Collins, T. Cassidy, N. VanHoudnos, P. Buttles-Valdez, D. Bauer, A. Parshall, J. Savinda, E. Monaco, J. Moyes, and D. Rousseau, "The Critical Role of Positive Incentives for Reducing Insider Threats," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2016-TR-014, 15-Dec-2016 [Online]. Available: https://doi.org/10.1184/R1/6585104.v1. [Accessed: 26-Apr-2024].

Moore, Andrew, Samuel Perl, Jennifer Cowley, Matthew Collins, Tracy Cassidy, Nathan VanHoudnos, Palma Buttles-Valdez, Daniel Bauer, Allison Parshall, Jeff Savinda, Elizabeth Monaco, Jamie Moyes, and Denise Rousseau. "The Critical Role of Positive Incentives for Reducing Insider Threats." (Technical Report CMU/SEI-2016-TR-014). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 15 Dec. 2016. https://doi.org/10.1184/R1/6585104.v1. Accessed 26 Apr. 2024.

Moore, Andrew; Perl, Samuel; Cowley, Jennifer; Collins, Matthew; Cassidy, Tracy; VanHoudnos, Nathan; Buttles-Valdez, Palma; Bauer, Daniel; Parshall, Allison; Savinda, Jeff; Monaco, Elizabeth; Moyes, Jamie; & Rousseau, Denise. The Critical Role of Positive Incentives for Reducing Insider Threats. CMU/SEI-2016-TR-014. Software Engineering Institute. 2016. https://doi.org/10.1184/R1/6585104.v1

Ask a question about this Technical Report