Importance of Human Error Taxonomy for Unintentional Insider Threat
Abstract
Organizations develop information security programs to guide users in handling their data and systems. However, human error remains a major challenge to information security. This research explores the human error taxonomy, which is closely linked to the human error activities and factors that pose a high risk of information leakage in organizations. To study the activities and factors that contribute to human error, a systematic literature review was conducted to outline the human errors that affect an organization's information security culture. The paper uses the human error taxonomy as guidance to identify and classify human error activities together with their contributing factors. This approach will help employees and organizations understand the importance of a human error taxonomy in preventing unintentional insider threats and strengthening their information security measures. The identification and classification of human error activities and factors will provide valuable insights for improving the effectiveness of an organization's information security program.
All materials contained within this journal are protected by Intellectual Property Corporation of Malaysia, Copyright Act 1987 and may not be reproduced, distributed, transmitted, displayed, published, or
broadcast without the prior, express written permission of Centre for Graduate Studies, Universiti Selangor, Malaysia. You may not alter or remove any copyright or other notice from copies of this content.