Influencing factors identification in smart society for insider threat in law enforcement agency using a mixed method approach

One of the main principle goals for threat protection is to understand the behavior of the employee. An employee who is trusted will have the potential to cause more harm to the organization by collapsing the stability of the computing systems. Thus, insider threat is one of the major security flaws and is very hard to overcome. Currently, in Royal Malaysian Police (RMP) organization, there is a lack of a framework to access such insider threats in their daily operations as well as no data dissemination Standard Operation Policies. Hence, the objective of this research study is to identify the insider threat factors in order to propose best practices, guidelines, policies and security procedures to effectively manage them. This research adapted a mix method approach which is the quantitative methodology in phase one followed by the qualitative method accomplished through semi-structured interviews in a second phase. In the quantitative phase, all the factors were verified and validated by distributing the survey questionnaire to 384 participants from different locations which include the RMP officer, security specialist and administrative officers. The outcome of quantitative data collection was categorized into eight specific influencing factors. These eight factors were further validated through an interview session with 50 participants. The identified factors will be used for design and development of information security best design practices and also as mitigation methods to reduce insider threat risk in the RMP organization.