212 research outputs found

    Examining Employee Social Media Deviance: A Psychological Contract Breach Perspective

    With the prevalence of social media, employees’ deviant behaviors on social media can go viral and result in unpredictable negative outcomes beyond the workplace. This paper investigates the relationship between abusive supervision and employee social media deviance from the theoretical perspective of psychological contract breach (PCB), and examines the moderating role of social media controls. Building on prior studies of abusive supervision and employee workplace deviance, this paper argues that abusive supervision plays a crucial motivational role in triggering employee social media deviance. Our results demonstrate that employees who experience abusive supervision are more likely to perceive PCB, and thus engage in social media deviance. User awareness of social media policy and informal sanctions can weaken the positive relationship between employee perceived PCB and social media deviance.

    A Privacy-Preserving, Context-Aware, Insider Threat prevention and prediction model (PPCAITPP)

    The insider threat problem is extremely challenging to address, as it is committed by insiders who are trusted and authorized to access the information resources of the organization. The problem is further complicated by the multifaceted nature of insiders, as human beings have various motivations and fluctuating behaviours. Additionally, typical monitoring systems may violate the privacy of insiders. Consequently, there is a need to consider a comprehensive approach to mitigate insider threats. This research presents a novel insider threat prevention and prediction model, combining several approaches, techniques and tools from the fields of computer science and criminology. The model is a Privacy-Preserving, Context-Aware, Insider Threat Prevention and Prediction model (PPCAITPP). The model is predicated on the Fraud Diamond (a theory from Criminology) which assumes there must be four elements present in order for a criminal to commit maleficence. The basic elements are pressure (i.e. motive), opportunity, ability (i.e. capability) and rationalization. According to the Fraud Diamond, malicious employees need to have a motive, opportunity and the capability to commit fraud. Additionally, criminals tend to rationalize their malicious actions in order for them to ease their cognitive dissonance towards maleficence. In order to mitigate the insider threat comprehensively, there is a need to consider all the elements of the Fraud Diamond because insider threat crime is also related to elements of the Fraud Diamond similar to crimes committed within the physical landscape. The model intends to act within context, which implies that when the model offers predictions about threats, it also reacts to prevent the threat from becoming a future threat instantaneously. To collect information about insiders for the purposes of prediction, there is a need to collect current information, as the motives and behaviours of humans are transient. 
Context-aware systems are used in the model to collect current information about insiders related to motive and ability as well as to determine whether insiders exploit any opportunity to commit a crime (i.e. entrapment). Furthermore, they are used to neutralize any rationalizations the insider may have via neutralization mitigation, thus preventing the insider from committing a future crime. However, the model collects private information and involves entrapment that will be deemed unethical. A model that does not preserve the privacy of insiders may cause them to feel they are not trusted, which in turn may affect their productivity in the workplace negatively. Hence, this thesis argues that an insider prediction model must be privacy-preserving in order to prevent further cybercrime. The model is not intended to be punitive but rather a strategy to prevent current insiders from being tempted to commit a crime in future. The model involves four major components: context awareness, opportunity facilitation, neutralization mitigation and privacy preservation. The model implements a context analyser to collect information related to an insider who may be motivated to commit a crime and his or her ability to implement an attack plan. The context analyser only collects meta-data such as search behaviour, file access, logins, use of keystrokes and linguistic features, excluding the content to preserve the privacy of insiders. The model also employs keystroke and linguistic features based on typing patterns to collect information about any change in an insider’s emotional and stress levels. This is indirectly related to the motivation to commit a cybercrime. Research demonstrates that most of the insiders who have committed a crime have experienced a negative emotion/pressure resulting from dissatisfaction with employment measures such as terminations, transfers without their consent or denial of a wage increase. 
However, there may also be personal problems such as a divorce. The typing pattern analyser and other resource usage behaviours aid in identifying an insider who may be motivated to commit a cybercrime based on his or her stress levels and emotions as well as the change in resource usage behaviour. The model does not identify the motive itself, but rather identifies those individuals who may be motivated to commit a crime by reviewing their computer-based actions. The model also assesses the capability of insiders to commit a planned attack based on their usage of computer applications and measuring their sophistication in terms of the range of knowledge, depth of knowledge and skill as well as assessing the number of systems errors and warnings generated while using the applications. The model will facilitate an opportunity to commit a crime by using honeypots to determine whether a motivated and capable insider will exploit any opportunity in the organization involving a criminal act. Based on the insider’s reaction to the opportunity presented via a honeypot, the model will deploy an implementation strategy based on neutralization mitigation. Neutralization mitigation is the process of nullifying the rationalizations that the insider may have had for committing the crime. All information about insiders will be anonymized to remove any identifiers for the purpose of preserving the privacy of insiders. The model also intends to identify any new behaviour that may result during the course of implementation. This research contributes to existing scientific knowledge in the insider threat domain and can be used as a point of departure for future researchers in the area. Organizations could use the model as a framework to design and develop a comprehensive security solution for insider threat problems. The model concept can also be integrated into existing information security systems that address the insider threat problem.
Information Science. D. Phil. (Information Systems)

    Where do beliefs about music piracy come from and how are they shared?

    Research suggests that those individuals engaging in music piracy have little concern for the potentially negative consequences of engaging in this illegal activity. This study aims to build on previous research which finds that sub-cultural piracy knowledge is effectively transmitted online. Explicitly, this study aims to observe the various justifications people forward to rationalise engagement in music piracy, in accordance with Sykes and Matza’s (1957) widely researched neutralization theory, and if techniques used to rationalize behaviours are shared amongst those individuals found to be discussing and engaging in music piracy online. The research examines naturally occurring discourse across three online settings, finding a widespread perception that there is ‘no harm done’ and that tips to work around web-blocking are exchanged online, including in public spaces such as Twitter. However, differences were found in the beliefs and attitudes of the sample. The study raises key conceptual issues about the theory used

    How people perceive malicious comments differently: factors influencing the perception of maliciousness in online news comments

    This study proposes a comprehensive model to investigate the factors that influence the perceived maliciousness of online news comments. The study specifically examines individual factors, including demographic characteristics (e.g., gender and age), personality traits (e.g., empathy and attitudes toward online news comments), and reading-related factors (e.g., the amount of news comment reading). Contextual factors such as issue involvement, perceived peer behavior, and the presence of malicious comments in news articles are also considered. The results suggest that most of the proposed variables have a significant impact on the perceived maliciousness of online news comments, except for morality and issue involvement. The findings have important theoretical implications for research on malicious online news comments and provide practical guidelines for online news platforms on how to reduce malicious comments by visualizing them alongside other news comments

    The Role of Informal Workers in Online Economic Crime

    (Context) Online economic crime leverages information technologies (IT) for illegal wealth redistribution, such as banking theft. Such crime requires a series of actions, a scheme, to be successful. Informal workers, individuals whose economic activities escape regulations, can be leveraged to execute various tasks surrounding these schemes. However, what these workers represent for online economic crime organizations, and their impact on the reach and sophistication of the crime, has yet to be uncovered. This thesis focuses on understanding the contexts, motivations, and organizations of those behind online economic crime. While doing so, it assesses the role and availability of an informal IT workforce surrounding the crime organization and its likelihood to participate in such criminal schemes. (Methods and Data) This thesis builds on three data sources: (1) 21 semi-structured interviews with experts, (2) a private chat log containing discussions among individuals involved in online economic crime, and (3) two datasets on an informal IT workforce operating on a digital labor platform. A blend of qualitative and quantitative analyses is developed, including inductive thematic analysis, non-parametric statistical hypothesis tests, and group-based trajectory modeling. (Results) The findings illustrate three key contextual factors influencing those behind online economic crime: a lack of legal economic opportunities, a lack of deterrents and the availability of drifting means. Organizations behind online economic crime are found to take various forms, from organized, to enterprise-like, loose networks or communities. They are also characterized by a large sphere of influence given the indispensable workers hired to help with the crime orchestration. 
Among them, informal workers from the IT sector are found to be particularly important: they represent a pool of potential workers for all legal tasks surrounding online economic crime, and they can be leveraged easily due to digital labor platforms. However, further investigations illustrate that the benefits of hiring informal IT workers may be hindered by high transaction costs, including high hiring, switching, and monitoring costs. Moreover, the likelihood of informal IT workers to participate in crime-oriented spaces is found to be limited. (Conclusion) This study sheds light on the organization of online economic crime and the role of informal IT workers at the periphery. It provides both theoretical and empirical explanations as to why online economic crime is characterized by long reach, in terms of victims, and sophistication. It also offers nuanced concepts (e.g., drifters, informal workforce) to better grasp the organization of online economic crime and the degrees of involvement of those surrounding the crime

    A unified classification model to insider threats to information security

    Prior work on insider threat classification has adopted a range of definitions, constructs, and terminology, making it challenging to compare studies. We address this issue by introducing a unified insider threat classification model built through a comprehensive and systematic review of prior work. An insider threat can be challenging to predict, as insiders may utilise motivation, creativity, and ingenuity. Understanding the different types of threats to information security (and cybersecurity) is crucial as it helps organisations develop the right preventive strategies. This paper presents a thematic analysis of the literature on the types of insider threats to cybersecurity to provide cohesive definitions and consistent terminology of insider threats. We demonstrate that the insider threat exists on a continuum of accidental, negligent, mischievous, and malicious behaviour. The proposed insider threat classification can help organisations to identify, implement, and contribute towards improving their cybersecurity strategies

    Does Sleep Deprivation Cause Online Incivility? Evidence from a Natural Experiment

    Incivility between members is a major concern for many online communities. This paper provides empirical evidence that sleep deprivation is an important cause of incivility in online communities. Identification comes from the shift to Daylight Saving Time (DST) which leads to individuals experiencing reduced sleep time. Using an archival dataset from English Wikipedia and an annotated corpus, we train machine learning algorithms to automatically identify personal attack, aggressive, and toxic comments. We show that compared to other days, about 22% more uncivil messages originate from the impacted regions on the Mondays following the switch to DST. We also find that the effect is stronger for incivility on article talk pages compared with incivility on user talk pages. We discuss the strategies that can mitigate the harms to online communities due to sleep deprivation

    Human Errors in Data Breaches: An Exploratory Configurational Analysis

    Information Systems (IS) are critical for employee productivity and organizational success. Data breaches are on the rise—with thousands of data breaches accounting for billions of records breached and annual global cybersecurity costs projected to reach $10.5 trillion by 2025. A data breach is the unauthorized disclosure of sensitive information—and can be achieved intentionally or unintentionally. Significant causes of data breaches are hacking and human error; in some estimates, human error accounted for about a quarter of all data breaches in 2018. Furthermore, the significance of human error on data breaches is largely underrepresented, as hackers often capitalize on organizational users’ human errors resulting in the compromise of systems or information. The research problem that this study addressed is that organizational data breaches caused by human error are both costly and have the most significant impact on Personally Identifiable Information (PII) breaches. Human error types can be classified in three categories—Skill-Based Error (SBE), Rule-Based Mistakes (RBM), and Knowledge-Based Mistakes (KBM)—tied to the associated levels of human performance. The various circumstantial and contextual factors that influence human performance to cause or contribute to human error are called Performance Influencing Factors (PIF). These PIFs have been examined in the safety literature and most notably in Human Reliability Analysis (HRA) applications. The list of PIFs is context specific and had yet to be comprehensively established in the cybersecurity literature—a significant research gap. 
The main goal of this research study was to employ configurational analysis—specifically, Fuzzy-Set Qualitative Analysis (fsQCA)—to empirically assess the conjunctural causal relationship of internal (individual) and external (organizational and contextual) Cybersecurity Performance Influencing Factors (CS-PIFs) leading to Cybersecurity Human Error (CS-HE) (SBE, RBM, and KBM) that resulted in the largest data breaches across multiple organization types from 2007 to 2019 in the United States (US). Feedback was solicited from 31 Cybersecurity Subject Matter Experts (SME), and they identified 1st order CS-PIFs and validated the following 2nd order CS-PIFs: organizational cybersecurity; cybersecurity policies and procedures; cybersecurity education, training, and awareness; ergonomics; cybersecurity knowledge, skills, and abilities; and employee cybersecurity fitness for duty. Utilizing data collected from 102 data breach cases, this research found that multiple combinations, or causal recipes, of CS-PIFs led to certain CS-HEs, that resulted in data breaches. Specifically, seven of the 36 fsQCA models had solution consistencies that exceeded the minimum threshold of 0.80, thereby providing argument for the contextual nature of CS-PIFs, CS-HE, and data breaches. Two additional findings were also discovered—five sufficient configurations were present in two models, and the absence of strong cybersecurity knowledge, skills, and abilities is a necessary condition for all cybersecurity human error outcomes in the observed cases