Rights statement: This article may not exactly replicate the final version published in the APA journal. It is not the copy of record.
Submitted manuscript, 281 KB, PDF document
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Detecting insider threats to organizations through language change
AU - Taylor, Paul
AU - Dando, Coral
AU - Ormerod, Thomas
AU - Ball, Linden
AU - Jenkins, Marisa
AU - Sandham, Alexandra
AU - Menacere, Tarek
N1 - This article may not exactly replicate the final version published in the APA journal. It is not the copy of record.
PY - 2013/8
Y1 - 2013/8
N2 - The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender’s day-to-day work behavior. We test this hypothesis by examining the language used in e-mails that were sent as part of a 6-hr workplace simulation. The simulation involved participants (N = 54) examining databases and exchanging information as part of a four-stage organized crime investigation. After the first stage, 25% of the participants were covertly incentivized to act as an “insider” by providing information to a provocateur. Analysis of the language used in participants’ e-mails found that insiders became more self-focused, showed greater negative affect, and showed more cognitive processing compared to their coworkers. At the interpersonal level, insiders showed significantly more deterioration in the degree to which their language mimicked other team members over time. Our findings demonstrate how language may provide an indirect way of identifying employees who are undertaking an insider attack.
AB - The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender’s day-to-day work behavior. We test this hypothesis by examining the language used in e-mails that were sent as part of a 6-hr workplace simulation. The simulation involved participants (N = 54) examining databases and exchanging information as part of a four-stage organized crime investigation. After the first stage, 25% of the participants were covertly incentivized to act as an “insider” by providing information to a provocateur. Analysis of the language used in participants’ e-mails found that insiders became more self-focused, showed greater negative affect, and showed more cognitive processing compared to their coworkers. At the interpersonal level, insiders showed significantly more deterioration in the degree to which their language mimicked other team members over time. Our findings demonstrate how language may provide an indirect way of identifying employees who are undertaking an insider attack.
UR - http://www.scopus.com/inward/record.url?scp=84881065059&partnerID=8YFLogxK
U2 - 10.1037/lhb0000032
DO - 10.1037/lhb0000032
M3 - Journal article
AN - SCOPUS:84881065059
VL - 37
SP - 267
EP - 275
JO - Law and Human Behavior
JF - Law and Human Behavior
SN - 1573-661X
IS - 4
ER -