Date of this Version
This brochure presents a framework to view threats made by an insider that are targeted or intentional (as opposed to negligent or unintentional) and that involve some degree of deliberation (as opposed to those that may be considered impulsive). The framework was developed with the assumption that it must:
Be applicable for both anonymous and known subjects
Recognize interactions and patterns of behavior
Allow for investigation with whatever information is immediately available
Recognize that behaviors or warning activity may shift, decrease, or be emboldened by protective or organizational actions
Insider attacks are often handled internal to an organization and are under-reported to law enforcement agencies. This has limited the sample of insider threats available for research in this area. Most of the available literature related to insider threats exists in areas outside of behavioral science. It is generally conceptual in nature rather than data driven and often focuses on threats to information systems.
The field of threat assessment represents a blending of behavioral science, intelligence, and law enforcement strategies. It evolved from practices used to assess and manage dangerousness (potential risk for violence).