Analyzing Incidents of Workplace Violence to Inform Incident Planning and Mitigation Strategies
CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States
Pagination or Media Count:
The National Insider Threat Center NITC, part of the Software Engineering Institutes CERT Division, has expanded the scope of insider threats to encompass workplace violence WPV risk including harm to self andor others. With this change, we sought to establish a robust data collection and analysis process, like the one we developed for traditional insider threats, to facilitate empirical research in this domain and help produce reliable, high-fidelity findings and artifacts. This work presents our initial analysis and insight. We describe the data collection and analysis process and notate our preliminary artifacts such as a WPV incident chronology, we document initial steps for monitoring and measuring WPV indicators, and we discuss the related privacy, ethical, and legal considerations. We intend this work to catalyze the empirical investigation into the socio-technical problem of mitigating WPV risk. We find that this problem requires operational controls and buy-in from the human resources, personnel security, and legal units as well as from the information technology department and the insider threat program.
- Personnel Management and Labor Relations