Home > Research > Publications & Outputs > Detecting insider threats to organizations thro...

Electronic data

  • 2013 - LHB Taylor et al.

    Rights statement: This article may not exactly replicate the final version published in the APA journal. It is not the copy of record.

    Submitted manuscript, 281 KB, PDF document

Links

Text available via DOI:

View graph of relations

Detecting insider threats to organizations through language change

Research output: Contribution to journalJournal articlepeer-review

Published

Standard

Detecting insider threats to organizations through language change. / Taylor, Paul; Dando, Coral; Ormerod, Thomas; Ball, Linden; Jenkins, Marisa; Sandham, Alexandra; Menacere, Tarek.

In: Law and Human Behavior, Vol. 37, No. 4, 08.2013, p. 267-275.

Research output: Contribution to journalJournal articlepeer-review

Harvard

APA

Vancouver

Author

Bibtex

@article{6de9733980164e4897123af33bcf4c07,
title = "Detecting insider threats to organizations through language change",
abstract = "The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender{\textquoteright}s day-to-day work behavior. We test this hypothesis by examining the language used in e-mails that were sent as part of a 6-hr workplace simulation. The simulation involved participants (N = 54) examining databases and exchanging information as part of a four-stage organized crime investigation. After the first stage, 25% of the participants were covertly incentivized to act as an “insider” by providing information to a provocateur. Analysis of the language used in participants{\textquoteright} e-mails found that insiders became more self-focused, showed greater negative affect, and showed more cognitive processing compared to their coworkers. At the interpersonal level, insiders showed significantly more deterioration in the degree to which their language mimicked other team members over time. Our findings demonstrate how language may provide an indirect way of identifying employees who are undertaking an insider attack. ",
author = "Paul Taylor and Coral Dando and Thomas Ormerod and Linden Ball and Marisa Jenkins and Alexandra Sandham and Tarek Menacere",
note = "This article may not exactly replicate the final version published in the APA journal. It is not the copy of record.",
year = "2013",
month = aug,
doi = "10.1037/lhb0000032",
language = "English",
volume = "37",
pages = "267--275",
journal = "Law and Human Behavior",
issn = "0147-7307",
publisher = "Springer New York",
number = "4",

}

RIS

TY - JOUR

T1 - Detecting insider threats to organizations through language change

AU - Taylor, Paul

AU - Dando, Coral

AU - Ormerod, Thomas

AU - Ball, Linden

AU - Jenkins, Marisa

AU - Sandham, Alexandra

AU - Menacere, Tarek

N1 - This article may not exactly replicate the final version published in the APA journal. It is not the copy of record.

PY - 2013/8

Y1 - 2013/8

N2 - The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender’s day-to-day work behavior. We test this hypothesis by examining the language used in e-mails that were sent as part of a 6-hr workplace simulation. The simulation involved participants (N = 54) examining databases and exchanging information as part of a four-stage organized crime investigation. After the first stage, 25% of the participants were covertly incentivized to act as an “insider” by providing information to a provocateur. Analysis of the language used in participants’ e-mails found that insiders became more self-focused, showed greater negative affect, and showed more cognitive processing compared to their coworkers. At the interpersonal level, insiders showed significantly more deterioration in the degree to which their language mimicked other team members over time. Our findings demonstrate how language may provide an indirect way of identifying employees who are undertaking an insider attack.

AB - The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender’s day-to-day work behavior. We test this hypothesis by examining the language used in e-mails that were sent as part of a 6-hr workplace simulation. The simulation involved participants (N = 54) examining databases and exchanging information as part of a four-stage organized crime investigation. After the first stage, 25% of the participants were covertly incentivized to act as an “insider” by providing information to a provocateur. Analysis of the language used in participants’ e-mails found that insiders became more self-focused, showed greater negative affect, and showed more cognitive processing compared to their coworkers. At the interpersonal level, insiders showed significantly more deterioration in the degree to which their language mimicked other team members over time. Our findings demonstrate how language may provide an indirect way of identifying employees who are undertaking an insider attack.

UR - http://www.scopus.com/inward/record.url?scp=84881065059&partnerID=8YFLogxK

U2 - 10.1037/lhb0000032

DO - 10.1037/lhb0000032

M3 - Journal article

AN - SCOPUS:84881065059

VL - 37

SP - 267

EP - 275

JO - Law and Human Behavior

JF - Law and Human Behavior

SN - 0147-7307

IS - 4

ER -