Malaysia’s Insider Threat Risk: Developing a Tool Academic Article uri icon

abstract

  • Insider threats pose significant challenges for organizations, causing severe financial and reputational damage. This study aims to develop a tool for measuring human, technical, and organizational factors contributing to insider threat risk levels in Malaysia's information and communications technology (ICT) sectors. We examined 40 items across these factors, validated by experts for content and criterion validity. We conducted a pre-test, adjusted based on expert feedback, and conducted a pilot study with 110 respondents from government agencies, ICT companies, and public tertiary institutions in Malaysia. Using IBM Statistical Package for Social Sciences, version 25.0, we performed exploratory factor analysis and tested the data with Bartlett's Test of Sphericity and Kaiser-Meyer-Olkin sampling adequacy tests. Cronbach's alpha assessed item reliability. The EFA grouped fifteen human factor items into three components: personal problems, negative personality traits, and inadequate security training. Four technical factor items formed one component, while fifteen organizational factor items split into issues with organizational practice, inadequate risk management, and ineffective management systems. Six insider threat risk level items formed a single component. Bartlett's Test of Sphericity was highly significant (Sig. < 0.001), and KMO values for all constructs exceeded 0.7, indicating excellent sampling adequacy. The overall Cronbach’s alpha value for 40 items was 0.97, confirming the instrument's consistency and stability. These findings provide a reliable tool for predicting insider threat risk levels in Malaysia’s ICT sectors, useful for researchers and practitioners alike.

publication date

  • 2024

number of pages

  • 13

start page

  • 187

end page

  • 200

volume

  • 05

issue

  • 04