Search for: All records

The objective of this research is to investigate the influence of interest in white hat capabilities, income levels, and perceptions of being apprehended on the willingness to violate privacy regulations as measured by the amount of money required to violate medical privacy. The research model was developed by drawing on the economics of crime literature, prospect theory and the emerging Capability, Opportunity, and Motivation Behavior model. This study involved 523 individuals on the cusp of entering the workforce, which places them all as potential insider hackers according to zero trust models of insider behavior. Despite many subjects believing there is a high probability of being caught, they could still be incentivized to violate HIPAA laws. Approximately 306 (or 58%) of the survey participants indicated a price, ranging from zero dollars to over $10 million, that they deemed acceptable for violating HIPAA laws. Income levels, white hat hacking capabilities, monetary incentives to commit a crime, and the perceived probability of being apprehended were statistically significant predictors of the amount of money required to violate HIPAA laws. 

The objective of this research is to investigate the influence of interest in white hat capabilities, income levels, and perceptions of being apprehended on the willingness to violate privacy regulations as measured by the amount of money required to violate medical privacy. The research model was developed by drawing on the economics of crime literature, prospect theory and the emerging Capability, Opportunity, and Motivation Behavior model. This study involved 523 individuals on the cusp of entering the workforce, which places them all as potential insider hackers according to zero trust models of insider behavior. Despite many subjects believing there is a high probability of being caught, they could still be incentivized to violate HIPAA laws. Approximately 222 (or 42%) of the survey participants indicated a price, ranging from zero dollars to over $10 million, that they deemed acceptable for violating HIPAA laws. Income levels, white hat hacking capabilities, monetary incentives to commit a crime, and the perceived probability of being apprehended were statistically significant predictors of the amount of money required to violate HIPAA laws. 

This paper investigates the psychological traits of individuals’ attraction to engaging in hacking behaviors (both ethical and illegal/unethical)upon entering the workforce.We examine the role of the Dark Triad, Opposition to Authority and Thrill-Seeking traits as regards the propensity of an individual to be interested in White Hat, Black Hat,and Grey Hat hacking. A new set of scales were developed to assist in the delineation of the three hat categories. We also developed a scale to measure each subject’s perception of the probability of being apprehended for violating privacy laws. Engaging in criminal activity involves a choice where there are consequences and opportunities, and individuals perceive them differently, but they can be deterred if there is a likelihood of punishment,and the punishment is severe. The results suggest that individuals that are White Hat, Grey Hat and Black Hat hackers score high on the Machiavellian and Psychopathy scales. We also found evidence that Grey Hatters oppose authority, Black Hatters score high on the thrill-seeking dimension and White Hatters, the good guys, tend to be Narcissists. Thrill-seeking was moderately important for White Hat hacking and Black hat hacking. Opposition to Authority was important for Grey Hat hacking. Narcissism was not statistically significant in any of the models. The probability of being apprehended had a negative effect on Grey Hat and Black Hat hacking. Several suggestions will be made on what organizations can do to address insider threats. 

This paper investigates the psychological traits of individuals’ attraction to engaging in hacking behaviors (both ethical and illegal/unethical)upon entering the workforce.We examine the role of the Dark Triad, Opposition to Authority and Thrill-Seeking traits as regards the propensity of an individual to be interested in White Hat, Black Hat,and Grey Hat hacking. A new set of scales were developed to assist in the delineation of the three hat categories. We also developed a scale to measure each subject’s perception of the probability of being apprehended for violating privacy laws. Engaging in criminal activity involves a choice where there are consequences and opportunities, and individuals perceive them differently, but they can be deterred if there is a likelihood of punishment,and the punishment is severe. The results suggest that individuals that are White Hat, Grey Hat and Black Hat hackers score high on the Machiavellian and Psychopathy scales. We also found evidence that Grey Hatters oppose authority, Black Hatters score high on the thrill-seeking dimension and White Hatters, the good guys, tend to be Narcissists. Thrill-seeking was moderately important for White Hat hacking and Black hat hacking. Opposition to Authority was important for Grey Hat hacking. Narcissism was not statistically significant in any of the models. The probability of being apprehended had a negative effect on Grey Hat and Black Hat hacking. Several suggestions will be made on what organizations can do to address insider threats.