VISTA: an inclusive insider threat taxonomy, with mitigation strategies

Karen Renaud, Merrill Warkentin, Ganna Pogrebna, Karl van der Schyff

Research output: Contribution to journalArticlepeer-review

11 Downloads (Pure)


Insiders have the potential to do a great deal of damage, given their legitimate access to organisational assets and the trust they enjoy. Organisations can only mitigate insider threats if they understand what the different kinds of insider threats are, and what tailored measures can be used to mitigate the threat posed by each of them. Here, we derive VISTA (inclusiVe InSider Threat tAxonomy) based on an extensive literature review and a survey with C-suite executives to ensure that the VISTA taxonomy is not only scientifically grounded, but also meets the needs of organisations and their executives. To this end, we map each VISTA category of insider threat to tailored mitigations that can be deployed to reduce the threat.
Original languageEnglish
Article number103877
Number of pages22
JournalInformation & Management
Issue number1
Early online date21 Oct 2023
Publication statusPublished - 31 Jan 2024


  • insider threats
  • taxonomy
  • mitigations
  • cybersecurity


Dive into the research topics of 'VISTA: an inclusive insider threat taxonomy, with mitigation strategies'. Together they form a unique fingerprint.

Cite this