ABSTRACT
This chapter addresses risk factors that are not commonly understood, nor likely/frequently considered as part of the insider threat program. It provides a lot of valuable information on insider threat: assessment and mitigation of risks. The chapter answers the question, what are the factors of insider threats to organization, in a readable and pragmatic way. Primary examples of factors that contribute to unintended insider threat are Human behavioral risk factors as typologies, Organizational process risk factors, Physical environmental risk factors, Architectural IT system wellness risk factors, Aggravated risk mitigation approach, and Unknown factors. The cultural environment of an organization can help us better understand insider threat and influence and/or intervene on how individuals behave in a social psychological context, within the groups that they belong, or interaction within the organization. Individuals and their organizations may be trying to make the right decisions but with limited visibility.
