A model to reduce insider cybersecurity threats in a South African telecommunications company

Background: Cybersecurity breaches have become a growing challenge in today’s digital economy. Organisations are faced with the responsibility of protecting their information resources from cybersecurity threats, and insider threats are one of them. Organisations have sophisticated technologies to protect themselves against these attacks, and their employees are often less guarded when it comes to protecting valuable company information systems. Objectives: This research was aimed to develop and conceptualise a model to reduce cybersecurity insider threats in a South African telecommunication organisation. Method: This study was conducted using a survey research approach, where close-ended questionnaires were utilised to collect data from respondents. The collected data was then analysed using IBM Statistical Package for Social Science (SPSS). Results: The findings of the study indicated that personal norms in the domain of cybersecurity have a positive influence on individuals’ attitude towards engaging in cybersecurity misbehaviour, and this has a significant relationship with their reduction of insider threats (RIT). Conclusion: This study suggests that management should give close and thoughtful attention to factors that encourage their employees to engage in cybersecurity misbehaviour. As an efficient and effective approach to mitigate the risk of cybersecurity insider threats, identification and classification of these factors should be followed by proper planning with a goal of reducing their negative effect on employees’ behaviour.