Malicious Insider Threat to Data Security: Mitigation Strategy for municipalities


Shandukani Tshilidzi Thenga
S Arunmozhi Selvi

Abstract

Municipal governments are custodians of huge volumes of sensitive information, including personally identifiable information (PII), financial information, law enforcement intelligence, and control of essential infrastructure. Although external cyber-threats are the most discussed, deliberate insider threats (malicious actions by authorised personnel) are an equally serious but underestimated threat to municipal data security. The paper formulates a holistic mitigation strategy specific to the local government setting. The proposed solution, based on standard frameworks such as NIST SP 800-53, ISO/IEC 27001, and the CERT Insider Threat Model, and incorporating socio-technical and risk management concepts, builds a multi-layered defence. The model combines governance policies, technical controls, behavioural monitoring, and reforms in organisational culture. It focuses on active prevention, ongoing surveillance, and organised incident response and recovery. The paper also covers important ethical and legal issues, especially how to strike a balance between the privacy of employees and the required monitoring. A gradual implementation scheme and performance indicators are proposed to ensure feasible implementation, taking municipal budget and regulatory factors into account. The study finds that insider risk mitigation goes beyond technology: it is a complex, culture-entrenched challenge that requires an overhaul of municipal operations to instill trust, accountability, and resilience.


Article Details

Thenga, S. T., & Selvi, S. A. (2025). Malicious Insider Threat to Data Security: Mitigation Strategy for municipalities. Trends in Computer Science and Information Technology, 089–096. https://doi.org/10.17352/tcsit.000102
Literature Reviews

Copyright (c) 2025 Thenga ST, et al.

This work is licensed under a Creative Commons Attribution 4.0 International License.
