Browsing by Author "Nurlida Basir [Supervisor]"
Now showing 1 - 1 of 1
Results Per Page
Sort Options
- Some of the metrics are blocked by yourconsent settings
Publication Unintentional Insider Threats Countermeasure Model (UITCM) in Reducing Internal Threat Environment(Universiti Sains Islam Malaysia, 2023-03)Zainab. A. A.AbdelsadeqUnintentional insider threats (UITs) are one of the biggest issues that can weaken the security defence of the organization. Studies have shown existing technical security countermeasures alone are insufficient especially when it deals with human errors. A total of 311 questionnaires were collected from Information Technology Executives of the Small Medium Enterprises (SMEs) in Malaysia to determine the contributing factors and the likelihood of UITs. Quantitative data was analyzed using SPSS. The results showed majority of the respondents alleged that their organizations were very likely to have faced threats with 634 (34.2%), 442 (23.9%) believed that their organizations were likely to confront this threats. While 172 (9.3%) were most likely to have faced such threats. Ignorance and negligence (27%), situation awareness (26%) and human error (22%) were the most contributing factors of UIT in Malaysian SMEs. The survey showed that multi layered defensive approaches including policies, procedures, awareness, attention to sociology, psychology aspects together with automated defence tools are important to fight with the “people issue. Single approach of countermeasure can only addresses some aspects of human errors but not all. Thus the objective of this study is to propose a model that consists of mixed approaches that can be used as countermeasures to UITs in Malaysian’s SMEs. The initial version of the proposed model was developed by combining the existing countermeasures that have been suggested in the literatures. In the second stage, the proposed model was evaluated by expert-based judgement through Delphi method to reach acceptable level of experts’ consensus and remove any uncertainty in the model. Five (5) experts with the composition of 3 practitioners and 2 academicians have evaluated the model with two-round questionnaire. Based on the evaluation, the results indicated that the experts have reach mutual consensus with mean scores more than 75% in term of the theoretical validity, usability and readability and understandability of the model. Since countermeasure is a security control used to protect the confidentiality, integrity, and availability of data and information systems and it should be available at every layer of the stack, it is hoped that the model can be used as a guideline by the organizations to improve their existing UIT countermeasures and indirectly strengthen their strategic, operational as well as financial of the organization.