A Synthesis of Research on Insider Threats in Cybersecurity
Source | Journal of Information Systems Security, Volume 20, Number 3 (2024), Pages 185–217
ISSN | 1551-0123 (Print), 1551-0808 (Online)
Authors | Daniël Joubert, University of Pretoria, South Africa; Jan Eloff, University of Pretoria, South Africa
Publisher | Information Institute Publishing, Washington DC, USA
Abstract
Today, the “Insider Threat” problem remains a persistent dilemma. It refers to insiders working within an organisation who cause harm to that organisation. The problem is that although the notion of “Insider Threat” is regarded as one of the major cybersecurity threats, it is also one of the less researched fields in cybersecurity. Furthermore, it is difficult to make an overall assessment of which aspects of “Insider Threat” research are currently being undertaken and whether the current research is indeed relevant for minimising cybersecurity risks. This study employed a topic modelling approach to identify current insider threat research topics. The topic modelling outputs revealed current insider threat research topics such as: insider threats based on human behaviour; insider threat attack detection on networks; insider threats in cloud computing; insider threat detection within technologies; and the human factor in insider threat attacks. The identified current insider threat research topics were evaluated against current cybersecurity trends to identify research gaps. The findings reported in this paper clearly indicate a misalignment between current insider threat research and current cybersecurity trends.
Keywords
Insider Threat, Cybersecurity, Gaussian Mixture Model, Topic Modelling, Text Mining.