University of Sussex
Browse

File(s) not publicly available

Detecting insider threats through language change

journal contribution
posted on 2023-06-08, 21:34 authored by Paul J Taylor, Coral J Dando, Thomas OrmerodThomas Ormerod, Linden J Ball, Marisa C Jenkins, Alexandra Sandham, Tarek Menacere
The act of conducting an insider attack carries with it cognitive and social challenges that may affect an offender’s day-to-day work behavior. We test this hypothesis by examining the language used in e-mails that were sent as part of a 6-hr workplace simulation. The simulation involved participants (N = 54) examining databases and exchanging information as part of a four-stage organized crime investigation. After the first stage, 25% of the participants were covertly incentivized to act as an “insider” by providing information to a provocateur. Analysis of the language used in participants’ e-mails found that insiders became more self-focused, showed greater negative affect, and showed more cognitive processing compared to their coworkers. At the interpersonal level, insiders showed significantly more deterioration in the degree to which their language mimicked other team members over time. Our findings demonstrate how language may provide an indirect way of identifying employees who are undertaking an insider attack.

History

Publication status

  • Published

Journal

Law and Human Behavior

ISSN

0147-7307

Publisher

Kluwer

Issue

4

Volume

37

Page range

267-275

Department affiliated with

  • Psychology Publications

Full text available

  • No

Peer reviewed?

  • Yes

Legacy Posted Date

2015-07-13

Usage metrics

    University of Sussex (Publications)

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC