IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v15y2022i1p491-d1017415.html
   My bibliography  Save this article

Risk Assessment of Insider Threats Based on IHFACS-BN

Author

Listed:
  • Min Zeng

    (School of Economics, Management and Law, University of South China, Hengyang 421001, China
    These authors contributed equally to this work.)

  • Chuanzhou Dian

    (School of Economics, Management and Law, University of South China, Hengyang 421001, China
    These authors contributed equally to this work.)

  • Yaoyao Wei

    (School of Economics, Management and Law, University of South China, Hengyang 421001, China)

Abstract

Insider threats, as one of the pressing challenges that threaten an organization’s information assets, usually result in considerable losses to the business. It is necessary to explore the key human factors that enterprise information security management should focus on preventing to reduce the probability of insider threats effectively. This paper first puts forward the improved Human Factors Analysis and Classification System (IHFACS) based on actual enterprise management. Then, the enterprise internal threat risk assessment model is constructed using the Bayesian network, expert evaluation, and fuzzy set theory. Forty-three classic insider threat cases from China, the United States, and Israel during 2009–2021 are selected as samples. Then, reasoning and sensitivity analysis recognizes the top 10 most critical human factors of the accident and the most likely causal chain of unsafe acts. The result shows that the most unsafe behavior was not assessing employees’ familiarity with the company’s internal security policies. In addition, improving the organizational impact of information security can effectively reduce internal threats and promote the sustainable development of enterprises.

Suggested Citation

  • Min Zeng & Chuanzhou Dian & Yaoyao Wei, 2022. "Risk Assessment of Insider Threats Based on IHFACS-BN," Sustainability, MDPI, vol. 15(1), pages 1-18, December.
    • Handle: RePEc:gam:jsusta:v:15:y:2022:i:1:p:491-:d:1017415
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/15/1/491/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/15/1/491/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Jawon Kim & Chanwoo Lee & Hangbae Chang, 2020. "The Development of a Security Evaluation Model Focused on Information Leakage Protection for Sustainable Growth," Sustainability, MDPI, vol. 12(24), pages 1-20, December.
    2. Jifeng Lu & Weihua Liu & Kai Yu & Lujie Zhou, 2022. "The Dynamic Evolution Law of Coal Mine Workers’ Behavior Risk Based on Game Theory," Sustainability, MDPI, vol. 14(7), pages 1-16, March.
    3. Weiliang Qiao & Yu Liu & Xiaoxue Ma & Yang Liu, 2020. "Human Factors Analysis for Maritime Accidents Based on a Dynamic Fuzzy Bayesian Network," Risk Analysis, John Wiley & Sons, vol. 40(5), pages 957-980, May.
    4. Cao, Cejun & Liu, Yang & Tang, Ou & Gao, Xuehong, 2021. "A fuzzy bi-level optimization model for multi-period post-disaster relief distribution in sustainable humanitarian supply chains," International Journal of Production Economics, Elsevier, vol. 235(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Cao, Cejun & He, Yufan & Liu, Yang & Huang, Hao & Zhang, Fanshun, 2025. "Blockchain technology adoption mechanism for semiconductor chip supply chains considering information disclosure under cost-sharing contract," International Journal of Production Economics, Elsevier, vol. 282(C).
    2. Laihao Ma & Xiaoxue Ma & Jingwen Zhang & Qing Yang & Kai Wei, 2021. "Identifying the Weaker Function Links in the Hazardous Chemicals Road Transportation System in China," IJERPH, MDPI, vol. 18(13), pages 1-17, July.
    3. Md Maruf Hossan Chowdhury & Sanjoy Kumar Paul & Eijaz Ahmed Khan & A. K. M. Shakil Mahmud, 2024. "A Decision Support Model for Barriers and Optimal Strategy Design in Sustainable Humanitarian Supply Chain Management," Global Journal of Flexible Systems Management, Springer;Global Institute of Flexible Systems Management, vol. 25(3), pages 467-486, September.
    4. Li, Huanhuan & Çelik, Cihad & Bashir, Musa & Zou, Lu & Yang, Zaili, 2024. "Incorporation of a global perspective into data-driven analysis of maritime collision accident risk," Reliability Engineering and System Safety, Elsevier, vol. 249(C).
    5. Diaz, Rafael & Behr, Joshua G. & Acero, Beatriz, 2022. "Coastal housing recovery in a postdisaster environment: A supply chain perspective," International Journal of Production Economics, Elsevier, vol. 247(C).
    6. Kai Kang & Bing Qing Tan, 2025. "Multi-echelon reverse logistics network design in the context of circular economy: a Hong Kong case study," Humanities and Social Sciences Communications, Palgrave Macmillan, vol. 12(1), pages 1-15, December.
    7. Rabin K. Jana & Dinesh K. Sharma & Peeyush Mehta, 2022. "A probabilistic fuzzy goal programming model for managing the supply of emergency relief materials," Annals of Operations Research, Springer, vol. 319(1), pages 149-172, December.
    8. Cejun Cao & Juan Li & Ju Liu & Jiahui Liu & Hanguang Qiu & Jie Zhen, 2024. "Sustainable development-oriented location-transportation integrated optimization problem regarding multi-period multi-type disaster medical waste during COVID-19 pandemic," Annals of Operations Research, Springer, vol. 335(3), pages 1401-1447, April.
    9. Yılmaz, Ömer Faruk & Guan, Yongpei & Yılmaz, Beren Gürsoy, 2025. "Designing a resilient humanitarian supply chain by considering viability under uncertainty: A machine learning embedded approach," Transportation Research Part E: Logistics and Transportation Review, Elsevier, vol. 194(C).
    10. Niu, Niu & Ma, Junhua & Zheng, Deyuan & Lu, Yang & Zhang, Bin, 2025. "Extreme weather and the green transition of energy firms: The moderating effect of digital technology and digital inclusive finance," Research in International Business and Finance, Elsevier, vol. 76(C).
    11. Meng, Qingchun & Kao, Zhiping & Guo, Ying & Bao, Chunbing, 2023. "An emergency supplies procurement strategy based on a bidirectional option contract," Socio-Economic Planning Sciences, Elsevier, vol. 87(PA).
    12. You, Qi & Yu, Kai & Zhou, Lujie & Zhang, Jing & Lv, Maoyun & Wang, Jiansheng, 2023. "Research on risk analysis and prevention policy of coal mine workers' group behavior based on evolutionary game," Resources Policy, Elsevier, vol. 80(C).
    13. Jiao Liu & Shuang Li & Weijun Bao & Kun Xu, 2022. "Could the Management System of Safety Partnership Change Miners’ Unsafe Behavior?," Sustainability, MDPI, vol. 14(20), pages 1-14, October.
    14. Xiaoxue Ma & He Lan & Weiliang Qiao & Bing Han & Heilong He, 2024. "On the causation correlation of maritime accidents based on data mining techniques," Journal of Risk and Reliability, , vol. 238(5), pages 905-919, October.
    15. Yiping Huang & Qin Yang & Jinfeng Liu & Xiao Li & Jie Zhang, 2021. "Sustainable Scheduling of the Production in the Aluminum Furnace Hot Rolling Section with Uncertain Demand," Sustainability, MDPI, vol. 13(14), pages 1-23, July.
    16. Faraz Salehi & S. Mohammad J. Mirzapour Al-E-Hashem & S. Mohammad Moattar Husseini & S. Hassan Ghodsypour, 2023. "A bi-level multi-follower optimization model for R&D project portfolio: an application to a pharmaceutical holding company," Annals of Operations Research, Springer, vol. 323(1), pages 331-360, April.
    17. Tongxin Liu & Jun Li & Xihui Wang, 2024. "Enhancing the cost performance in regular humanitarian logistics: location-routing and delivery frequency optimization," Flexible Services and Manufacturing Journal, Springer, vol. 36(3), pages 1157-1185, September.
    18. Gupta, Shivam & Modgil, Sachin & Kumar, Ajay & Sivarajah, Uthayasankar & Irani, Zahir, 2022. "Artificial intelligence and cloud-based Collaborative Platforms for Managing Disaster, extreme weather and emergency operations," International Journal of Production Economics, Elsevier, vol. 254(C).
    19. Pan, Xing & Zuo, Dujun & Zhang, Wenjin & Hu, Lunhu & Wang, Huixiong & Jiang, Jing, 2021. "Research on Human Error Risk Evaluation Using Extended Bayesian Networks with Hybrid Data," Reliability Engineering and System Safety, Elsevier, vol. 209(C).
    20. Lan, He & Ma, Xiaoxue & Qiao, Weiliang & Deng, Wanyi, 2023. "Determining the critical risk factors for predicting the severity of ship collision accidents using a data-driven approach," Reliability Engineering and System Safety, Elsevier, vol. 230(C).

    More about this item

    Keywords

    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:15:y:2022:i:1:p:491-:d:1017415. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.