Analyzing Incidents of Workplace Violence to Inform Incident Planning and Mitigation Strategies
Abstract
The National Insider Threat Center (NITC), part of the Software Engineering Institute's CERT Division, has expanded the scope of insider threats to encompass workplace violence (WPV) risk including harm to self and/or others. With this change, we sought to establish a robust data collection and analysis process, like the one we developed for traditional insider threats, to facilitate empirical research in this domain and help produce reliable, high-fidelity findings and artifacts. This work presents our initial analysis and insight. We describe the data collection and analysis process and notate our preliminary artifacts such as a WPV incident chronology, we document initial steps for monitoring and measuring WPV indicators, and we discuss the related privacy, ethical, and legal considerations. We intend this work to catalyze the empirical investigation into the socio-technical problem of mitigating WPV risk. We find that this problem requires operational controls and buy-in from the human resources, personnel security, and legal units as well as from the information technology department and the insider threat program.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2019
- Accession Number
- AD1090846
Entities
People
- Andrew P. Moore
- Carrie Gardner
- Sarah Miller
- Tracy Cassidy
Organizations
- Carnegie Mellon University