What Do We Know About the Psychology of Insider Threats?
Jukka Ruohonen, Mubashrah Saddiqa
TL;DR
The paper addresses how psychology informs insider threat risk, by conducting a systematic literature review focused on psychological perspectives. It synthesizes taxonomies, theoretical foundations, personal characteristics, traits, states, and neuropsychology branches. Key findings show multiple theories (SCP, deterrence, TRA/TPB, SBT, SET) but a lack of robust, testable psychology theories and weak replication. Practically, the work highlights the need for longitudinal studies, cautions against intrusive profiling, and invites integration of psychology with technical defenses.
Abstract
Insider threats refer to threats originating from people inside organizations. Although such threats are a classical research topic, the systematization of existing knowledge is still limited particularly with respect to non-technical research approaches. To this end, this paper presents a systematic literature review on the psychology of insider threats. According to the review results, the literature has operated with multiple distinct theories but there is still a lack of robust theorization with respect to psychology. The literature has also considered characteristics of a person, his or her personal situation, and other more or less objective facts about the person. These are seen to correlate with psychological concepts such as personality traits and psychological states of a person. In addition, the review discusses gaps and limitations in the existing research, thus opening the door for further psychology research.