Toward an Insider Threat Education Platform: A Theoretical Literature Review

TL;DR

The paper addresses the insider threat education gap by conducting a theoretical literature review across psychological, technological, and educational domains to inform a dedicated InT education platform. It maps ontologies, frameworks, and prevention strategies from psychology, combines data-driven and trust-based technologies for detection, and surveys SETA-based teaching methods to train employees. The key contribution is a comprehensive cross-domain synthesis that supports building a psychology-first training platform with technology-informed detection, advancing practical applicability for organizations. This work lays a foundation for integrated, human-centered insider threat education with potential to reduce harm by improving recognition and mitigation behaviors.

Abstract

Insider threats (InTs) within organizations are small in number but have a disproportionate ability to damage systems, information, and infrastructure. Existing InT research studies the problem from psychological, technical, and educational perspectives. Proposed theories include research on psychological indicators, machine learning, user behavioral log analysis, and educational methods to teach employees recognition and mitigation techniques. Because InTs are a human problem, training methods that address InT detection from a behavioral perspective are critical. While numerous technological and psychological theories exist on detection, prevention, and mitigation, few training methods prioritize psychological indicators. This literature review studied peer-reviewed, InT research organized by subtopic and extracted critical theories from psychological, technical, and educational disciplines. In doing so, this is the first study to comprehensively organize research across all three approaches in a manner which properly informs the development of an InT education platform.