A Review of the Insider Threat, a Practitioner Perspective Within the U.K. Financial Services

The insider threat within organisational cybersecurity continues to be of great concern globally. The current insider threat detection strategies are acknowledged as ineffective, evidenced by the increased reported events in high-profile insider threats and cyber data loss cases borne from insider and privilege misuse. The impact of insider incidents on Financial Service (FS) organisations is vast, operationally disruptive, and costly from a regulatory, financial, and reputational perspective. Many United Kingdom (UK) FS organisations have invested in insider risk programmes, but there is no sign of the insider threat diminishing. This paper will address the following research questions: 1) What factors influence employees to become malicious insider threats and apply this to employees working within the UK? 2) What preventative measures could be effectively operationalised within UK FS organisations to prevent malicious insider attacks? A literature review was conducted, reviewing 54 articles in peer-reviewed journals. Additional and relevant articles were incorporated to enrich the review, further substantiating the academic currency and context of the study. The review reveals five primary emerging insider threat themes, subsequently discussed and including behavioural indicators, information security behaviours, technical controls, insider threat strategies, and regulation. Throughout the literature review, one primary challenge highlighted the lack of articles published concerning the FS industry; however, the studies reviewed were relevant, appropriate, and applied across this review. Furthermore, the review also considers outcomes from a practitioner’s perspective, offering insights into the limitations of insider threat approaches and strategies and offering potential recommendations.