Angel L. Hueca, Karla Clarke, Yair levy:

Cyber exploitation and malicious activities have become more sophisticated. Insider threat is
one of the most significant cybersecurity threat vector, while posing a great concern to
corporations and governments. An overview of the fundamental motivating forces and motivation
theory are discussed. Such overview is provided to identify motivations that lead trusted
employees to become insider threats in the context of cybersecurity. A research agenda with two
sequential experimental research studies are outlined to address the challenge of insider threat
mitigation by a prototype development. The first proposed study will classify data intake feeds,
as recognized and weighted by cybersecurity experts, in an effort to establish predictive analytics
of novel correlations of activities that may lead to cybersecurity incidents. It will also develop
approach to identify how user activities can be compared against an established baseline, the
user’s network cybersecurity pulse, with visualization of simulated users’ activities. Additionally,
the second study will explain the process of assessing the usability of a developed visualization
prototype that intends to present correlated suspicious activities requiring immediate action.
Successfully developing the proposed prototype via feeds aggregation and an advanced
visualization from the proposed research could assist in the mitigation of malicious insider
threat.

Full research agenda here: http://www.iiakm.org/conference/proceedings/KM_2016_RefereedProceedingsPapers.pdf