Insider Threats: The Cybersecurity Analysis using OCTAVE Allegro which are combined with HAIS-Q
DOI:
https://doi.org/10.61132/uranus.v3i1.649Keywords:
Cybersecurity, Threats, Insider, SMEsAbstract
There are various types of cybersecurity threat in the globe, one of which is an insider threat. Because the current vulnerability generates an insider threat, SMEs suffer. In this situation, the company suffers a loss of profit and trust. Because of the speed and intensity of cybersecurity, particularly internal threats, SMEs must conduct regular vulnerability assessments. Insider threats to cyber security are a major issue in today's environment. Insider threats come in a variety of flavours, one of which is the unintended insider threat, or UIsT. This type of threat is a real one, and it is important to understand who and how they can become an insider threat.
References
C. and E. U. A. for Cybersecurity, Paggio, V., Bafoutsou, G., & Sarri, A. (2021). Cybersecurity for SMEs: Challenges and recommendations. Publications Office. https://doi.org/10.2824/770352
Caralli, R., Stevens, J., Young, L., & Wilson, W. (2007). Introducing OCTAVE Allegro: Improving the information security risk assessment process. Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=8419
Collins, M., et al. (2021). Common sense guide to mitigating insider threats, fifth edition. https://doi.org/10.1184/R1/12890918.v1
García-Porras, C., Huamani-Pastor, S., & Armas-Aguirre, J. (2018). Information security risk management model for Peruvian SMEs. In 2018 IEEE Sciences and Humanities International Research Conference (SHIRCON) (pp. 1–5). IEEE. https://doi.org/10.1109/SHIRCON.2018.8592994
Gilbert, N. (2022). 31 crucial insider threat statistics: 2022 latest trends & challenges. FinancesOnline.com. Accessed December 3, 2022. https://financesonline.com/insider-threat-statistics/
Greitzer, F. L., et al. (2014). Unintentional insider threat: Contributing factors, observables, and mitigation strategies. In 2014 47th Hawaii International Conference on System Sciences (pp. 2025–2034). IEEE. https://doi.org/10.1109/HICSS.2014.256
Irani, E. (2019). The use of videoconferencing for qualitative interviewing: Opportunities, challenges, and considerations. Clinical Nursing Research, 28(1), 3–8.
Komikesari, H., et al. (2020). Development of e-module using flip pdf professional on temperature and heat material. Journal of Physics: Conference Series, 1572(1), 012017. https://doi.org/10.1088/1742-6596/1572/1/012017
Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2014). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, 165–176. https://doi.org/10.1016/j.cose.2013.12.003
Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2013). The development of the human aspects of information security questionnaire (HAIS-Q). In ACIS 2013: Information Systems: Transforming the Future. RMIT University.
Rafiah, K. K., Widianto, S., Kamal, I., Shofiana, A., Fajar, A. M., & Rudini, A. A. (2022). Digital readiness of SMEs: An insight from Indonesia. AFEBI Management and Business Review, 7(1), Article 1. https://doi.org/10.47312/ambr.v7i01.517
Sarkar, K. R. (2010). Assessing insider threats to information security using technical, behavioural and organisational measures. Information Security Technical Report, 15(3), 112–133. https://doi.org/10.1016/j.istr.2010.11.002
Shapka, J. D., Domene, J. F., Khan, S., & Yang, L. M. (2016). Online versus in-person interviews with adolescents. Computers in Human Behavior, 58, 361–367. https://doi.org/10.1016/j.chb.2016.01.016
Suroso, J. S., & Fakhrozi, M. A. (2018). Assessment of information system risk management with Octave Allegro at education institution. Procedia Computer Science, 135, 202–213. https://doi.org/10.1016/j.procs.2018.08.167
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Uranus : Jurnal Ilmiah Teknik Elektro, Sains dan Informatika

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.