Sorting Insiders from Co-workers: Remote synchronous computer-mediated triage for investigating insider attacks : WestminsterResearch

Publication dates
Title	Sorting Insiders from Co-workers: Remote synchronous computer-mediated triage for investigating insider attacks
Type	Journal article
Authors	Dando, C.J., Taylor, P.J., Menacere, M., Ormerod, T.C., Ball, L.J. and Sandham, A.L.
Abstract	Objective: Develop and investigate the potential of a remote, computer mediated and synchronous text-based triage, which we refer to as InSort, for quickly highlighting persons of interest after an insider attack. Background: Insiders maliciously exploit legitimate access to impair the confidentiality and integrity of organizations. The globalisation of organisations and advancement of information technology means employees are often dispersed across national and international sites, working around the clock, often remotely. Hence, investigating insider attacks is challenging. However, the cognitive demands associated with masking insider activity offer opportunities. Drawing on cognitive approaches to deception and understanding of deception-conveying features in textual responses we developed InSort, a remote computer mediated triage. Method: During a 6-hour immersive simulation, participants worked in teams, examining password protected, security sensitive databases and exchanging information during an organized crime investigation. Twenty-five percent were covertly incentivized to act as an ‘insider’ by providing information to a provocateur. Results: Responses to InSort questioning revealed insiders took longer to answer investigation relevant questions, provided impoverished responses, and their answers were less consistent with known evidence about their behaviors than co-workers. Conclusion: Findings demonstrate InSort has potential to expedite information gathering and investigative processes following an insider attack.
Keywords	Insiders, computer-mediated communication, deception, Triage
Journal	Human Factors: The Journal of the Human Factors and Ergonomics Society
Journal citation	66 (1), pp. 145-157
ISSN	0018-7208
	1547-8181
Year	2024
Publisher	Sage
Publisher's version	Dando et al., (2022) Sorting the insiders from co-workers (Dittos) Manuscript .pdf License CC BY 4.0 File Access Level Open (open metadata and files)
Digital Object Identifier (DOI)	https://doi.org/10.1177/00187208211068292
Web address (URL)	https://doi.org/10.1177/00187208211068292
Published online	07 Mar 2022
Published in print	2024
Funder	UK Government Dept or Agency

Related outputs

Individual differences in detecting and sharing misinformation: Positive schizotypy, conspiracy beliefs, and autism
Buchanan, T., Maras, K. and Dando, C.J. 2024. Individual differences in detecting and sharing misinformation: Positive schizotypy, conspiracy beliefs, and autism. Personality and Individual Differences. 233 112946. https://doi.org/10.1016/j.paid.2024.112946

Eyewitness memory for person, object and action information is mediated by interview environment and the presence or absence of rapport
Taylor, D.A. and Dando, C.J. 2024. Eyewitness memory for person, object and action information is mediated by interview environment and the presence or absence of rapport. Journal of Criminal Psychology. Advanced online publication. https://doi.org/10.1108/JCP-07-2024-0057

Arabic within culture forensic interviews: Arabic native speaking lay-observer truth and lie accuracy, confidence, and verbal cue selection
Dando, C.J., Sandham, A., Sibbons, C. and Taylor, P.J. 2024. Arabic within culture forensic interviews: Arabic native speaking lay-observer truth and lie accuracy, confidence, and verbal cue selection. PLoS ONE. 19 (9) 0310384. https://doi.org/10.1371/journal.pone.0310384

Eyewitness confidence in the interviewing context: Understanding the impact of question type and order
Caso, A., Gabbert, F and Dando, C.J. 2024. Eyewitness confidence in the interviewing context: Understanding the impact of question type and order. Applied Cognitive Psychology. 38 (3) e4197. https://doi.org/10.1002/acp.4197

Prevalence, Disclosure, and Help Seeking in Black and Asian Male Survivors of Sexual Violence in the United Kingdom: A Rapid Review
Widanaralalage Don, K., Jennings, S., Dando, C.J. and Mackenzie, J.-M. 2024. Prevalence, Disclosure, and Help Seeking in Black and Asian Male Survivors of Sexual Violence in the United Kingdom: A Rapid Review. Trauma, Violence, & Abuse. 25 (4), pp. 3299-3314. https://doi.org/10.1177/15248380241246217

Orochi impact formula: An evidence-based approach for quantifying the societal harm of County Lines drug supply
Dando, C.J., Milne, R., Jones, A. and Harvey, N. 2024. Orochi impact formula: An evidence-based approach for quantifying the societal harm of County Lines drug supply. The Police Journal: Theory, Practice and Principles. Advanced online publication. https://doi.org/10.1177/0032258X241239017

Real-world implications of Aphantasia: Episodic recall of eyewitnesses with aphantasia is less complete but no less accurate than typical imagers.
Dando, C.J., Nahouli, Z. and Pounder, Z. 2023. Real-world implications of Aphantasia: Episodic recall of eyewitnesses with aphantasia is less complete but no less accurate than typical imagers. Royal Society Open Science. 10 (10) 231007. https://doi.org/10.1098/rsos.231007

Cross cultural verbal cues to deception: truth and lies in first and second language forensic interview contexts
Dando, C.J., Taylor, P. J. and Sandham, A. L. 2023. Cross cultural verbal cues to deception: truth and lies in first and second language forensic interview contexts. Frontiers in Psychology. 14 1709. https://doi.org/10.3389/fpsyg.2023.1152904

Male survivors of sexual violence: a rapid review of prevalence, disclosure and factors influencing help seeking for ethnic minorities
Jennings, S., Widanaralalage Don, K., Mackenzie, J.-M. and Dando, C.J. 2023. Male survivors of sexual violence: a rapid review of prevalence, disclosure and factors influencing help seeking for ethnic minorities. NIHR.

Coercion and crime: Convergences, divergences and ‘county lines’
Atkinson-Sheppard, S., Dando, C.J., Ormerod, T. and Robinson, B. 2023. Coercion and crime: Convergences, divergences and ‘county lines’. Criminology & Criminal Justice. Advanced online publication. https://doi.org/10.1177/17488958231153981

Parental experiences of the impact of grooming and criminal exploitation of children for county lines drug trafficking
Dando, C.J., Ormerod, T. and Atkinson-Sheppard, S. 2023. Parental experiences of the impact of grooming and criminal exploitation of children for county lines drug trafficking. Journal of Public Health. 45 (2), pp. e346-e354. https://doi.org/10.1093/pubmed/fdac112

Interviewing in virtual environments: Towards understanding the impact of rapport-building behaviours and retrieval context on eyewitness memory.
Dando, C.J., Taylor, Donna A, Caso, Alessandra, Nahouli, Zacharia and Adam, Charlotte 2023. Interviewing in virtual environments: Towards understanding the impact of rapport-building behaviours and retrieval context on eyewitness memory. Memory & cognition. 51, pp. 404-421. https://doi.org/10.3758/s13421-022-01362-7

‘We’re welcomed into people’s homes every day’ versus ‘we’re the people that come and arrest you’: The relational production of masculinities and vulnerabilities among male first responders
Linceviciute, S., Ridge, Damien T., Gautier, C., Dando, C.J., Oliffe, J. and Broom, A. 2022. ‘We’re welcomed into people’s homes every day’ versus ‘we’re the people that come and arrest you’: The relational production of masculinities and vulnerabilities among male first responders. Sociology of Health & Illness. 44 (7), pp. 1094-1113. https://doi.org/10.1111/1467-9566.13481

Improving professional observers’ veracity judgments by tactical interviewing
Sandham, A, Dando, C.J., Bull, R. and Ormerod, T. 2022. Improving professional observers’ veracity judgments by tactical interviewing. Journal of Police and Criminal Psychology. 37, pp. 279-287. https://doi.org/10.1007/s11896-020-09391-1

Rapport building and witness memory: Actions may ‘speak’ louder than words
Nahouli, Z., Dando, C.J., Mackenzie, J.-M. and Aresti, A. 2021. Rapport building and witness memory: Actions may ‘speak’ louder than words. PLoS ONE. 16 (8) e0256084. https://doi.org/10.1371/journal.pone.0256084

The use and efficacy of question type and an attentive interviewing style in adult rape interviews
Webster, W., Oxburgh, G. and Dando, Coral J. 2021. The use and efficacy of question type and an attentive interviewing style in adult rape interviews. Psychology, Crime & Law. 27 (7), pp. 656-677. https://doi.org/10.1080/1068316x.2020.1849694

Supporting older eyewitnesses’ episodic memory: The Self-Administered Interview and Sketch Reinstatement of Context
Dando, C.J., Gabbert, F. and Hope, L. 2020. Supporting older eyewitnesses’ episodic memory: The Self-Administered Interview and Sketch Reinstatement of Context. Memory. 28 (6), pp. 712-723. https://doi.org/10.1080/09658211.2020.1757718

Aviation security by consent using the Controlled Cognitive Engagement (CCE) alternative screening programme
Dando, C.J. and Ormerod, T. 2020. Aviation security by consent using the Controlled Cognitive Engagement (CCE) alternative screening programme. Journal of Air Transport Management. 86, p. 101824 101824. https://doi.org/10.1016/j.jairtraman.2020.101824

The Witness-Aimed First Account (WAFA): A new technique for interviewing autistic witnesses and victims
Maras, K, Dando, C.J., Stephenson, H, Lambrechts, A, Anns, S. and Gaigg, S 2020. The Witness-Aimed First Account (WAFA): A new technique for interviewing autistic witnesses and victims. Autism. 24 (6), p. 1449–1467 Autism; memory; interviewing; support; witness; victim; Criminal Justice System; police; narratives; event segmentation. https://doi.org/10.1177/1362361320908986

Non-coercive human intelligence gathering
Dando, C.J. and Ormerod, T. 2020. Non-coercive human intelligence gathering. Journal of Experimental Psychology: General. 149 (8), pp. 1435-1448. https://doi.org/10.1037/xge0000724

Police officers’ and Registered Intermediaries’ use of drawing during investigative interviews with vulnerable witnesses
Mattison, M.A. and Dando, C.J. 2020. Police officers’ and Registered Intermediaries’ use of drawing during investigative interviews with vulnerable witnesses. Psychology, Crime and Law. 26 (2), pp. 167-185. https://doi.org/10.1080/1068316X.2019.1652744

The cognitive interview: a tiered approach in the real world
Milne, B., Griffiths, A., Clarke, C. and Dando, C.J. 2019. The cognitive interview: a tiered approach in the real world. in: Dickinson, J.J., Compo, N.S., Carol, R.N., Schwartz , B.L. and McCauley, M.R. (ed.) Evidence based investigative interviewing New York Routledge. pp. 56-73

Health inequalities and health equity challenges for victims of modern slavery
Dando, C.J., Brierley, Robin, Saunders, Karen and Mackenzie, J.-M. 2018. Health inequalities and health equity challenges for victims of modern slavery. Journal of Public Health. 41 (4), pp. 681-688. https://doi.org/10.1093/pubmed/fdy187

One step forward and two steps back? The ‘20 Principles’ for questioning vulnerable witnesses and the lack of an evidence-based approach
Cooper, C., Dando, C.J., Ormerod T., Mattison, M., Marchant, R., Milne, R. and Bull, R. 2018. One step forward and two steps back? The ‘20 Principles’ for questioning vulnerable witnesses and the lack of an evidence-based approach. International Journal of Evidence and Proof. 22 (4), pp. 392-410. https://doi.org/10.1177/1365712718793435

Eyewitness Memory in Face-to-Face and Immersive Avatar-to-Avatar Contexts
Taylor, D.A. and Dando, C.J. 2018. Eyewitness Memory in Face-to-Face and Immersive Avatar-to-Avatar Contexts. Frontiers in Psychology. 9 507. https://doi.org/10.3389/fpsyg.2018.00507

Triage Decision-Making by Welfare Fraud Investigators
Walsh, D., Dando, C.J. and Ormerod, T.C. 2018. Triage Decision-Making by Welfare Fraud Investigators. Journal of Applied Research in Memory & Cognition. 7 (1), pp. 82-91. https://doi.org/10.1016/j.jarmac.2018.01.002

No evidence against Sketch Reinstatement of Context, Verbal Labels or the use of Registered Intermediaries for children with Autism Spectrum Disorder: Response to Henry et al. (2017)
Dando, C.J., Ormerod, T. C., Cooper, T. C., Mattison, M., Merchant, R., Milne, R. and Bull, R. 2018. No evidence against Sketch Reinstatement of Context, Verbal Labels or the use of Registered Intermediaries for children with Autism Spectrum Disorder: Response to Henry et al. (2017). Journal of Autism and Developmental Disorders. 48 (7), pp. 2593-2596. https://doi.org/10.1007/s10803-018-3479-z

Drawing the answers: Sketching to support free and probed recall by child witnesses and victims with autism spectrum disorder
Mattison, M., Dando, C.J. and Ormerod, T.C. 2018. Drawing the answers: Sketching to support free and probed recall by child witnesses and victims with autism spectrum disorder. Autism . 22 (2), pp. 181-194. https://doi.org/10.1177/1362361316669088

Analysing decision logs to understand decision-making in serious crime investigations
Dando, C.J. and Ormerod, T.C. 2017. Analysing decision logs to understand decision-making in serious crime investigations. Human Factors: The Journal of the Human Factors and Ergonomics Society. 59 (8), pp. 1188-1203. https://doi.org/10.1177/0018720817727899

Cognition in context: A comparison of eyewitness retrieval in face-to-face, remote avatar mediated, and asynchronous vocal smartphone interviews
Taylor, D.A. and Dando, C.J. 2017. Cognition in context: A comparison of eyewitness retrieval in face-to-face, remote avatar mediated, and asynchronous vocal smartphone interviews. International Investigative Interviewing Research Group Conference (iIIRG X 2017). Monterey, California 05 - 07 Jul 2017

Cognition in context: A comparison of eyewitness retrieval in face-to-face and remote avatar mediated interviews
Taylor, D.A. and Dando, C.J. 2017. Cognition in context: A comparison of eyewitness retrieval in face-to-face and remote avatar mediated interviews . EAPL. Brussels 29 - 31 May 2017

Interviewing Adult Witnesses and Victims
Dando, C.J., Geiselman, R. E., MacLeod, N. and Griffiths, A. 2016. Interviewing Adult Witnesses and Victims. in: Oxburgh, G., Myklebust, T. and Milne, R. (ed.) Communication in Investigative and Legal Contexts: Integrated Approaches from Forensic Psychology, Linguistics and Law Enforcement Chichester Wiley. pp. 79-107

Applied Cyberpsychology: Military and Defence Applications
Dando, C.J. and Tranter, C. 2016. Applied Cyberpsychology: Military and Defence Applications. in: Attrill, A. and Fullwood, C. (ed.) Applied Cyberpsychology. Practical Applications of Cyberpsychological Theory and Research Hampshire Palgrave Macmillan. pp. 197-216

Perceptions of Psychological Coercion and Human Trafficking in the West Midlands of England: Beginning to Know the Unknown
Dando, C. J., Walsh, D. and Brierley, R. 2016. Perceptions of Psychological Coercion and Human Trafficking in the West Midlands of England: Beginning to Know the Unknown. PLoS ONE. 11 (5) e0153263. https://doi.org/10.1371/journal.pone.0153263

Empathy in the field: Towards a taxonomy of empathic communication in information gathering interviews with suspected sex offenders
Dando, C.J. and Oxburgh G.E. 2016. Empathy in the field: Towards a taxonomy of empathic communication in information gathering interviews with suspected sex offenders. The European Journal of Psychology Applied to Legal Context. 8 (1), pp. 27-33. https://doi.org/10.1016/j.ejpal.2015.10.001

Scent Trails: The challenge of Countering Terrorism Through Intelligent Surveillance
Sandham, A., Ormerod, T.C., Dando, C.J. and Menacere, T. 2015. Scent Trails: The challenge of Countering Terrorism Through Intelligent Surveillance. in: Stedmon, A. and Lawson, G. (ed.) Hostile Intent and Counter-Terrorism: Human Factors Theory and Application London Routledge. pp. 129-149

Drawing to remember: Supporting child witnesses and victims with Autistic Spectrum Disorder to give ‘Best Evidence’
Matison, M. L., Dando, C.J. and Ormerod, T. C. 2015. Drawing to remember: Supporting child witnesses and victims with Autistic Spectrum Disorder to give ‘Best Evidence’. Journal of Autism and Developmental Disorders. 45 (6), pp. 1751-1765. https://doi.org/10.1007/s10803-014-2335-z

Finding a needle in a haystack: Towards a psychologically-informed method for aviation security screening
Ormerod, T.C. and Dando, C.J. 2015. Finding a needle in a haystack: Towards a psychologically-informed method for aviation security screening. Journal of Experimental Psychology: General. 144 (1), p. 76–84. https://doi.org/10.1037/xge0000030

Intelligence Interviewing: Synthetic Environments, Cognition and Cognitive Styles
Dando, C.J. and Tranter, C.L. 2015. Intelligence Interviewing: Synthetic Environments, Cognition and Cognitive Styles. Investigative Interviewing: Research and Practice. 7 (2), pp. 43-51.

Detecting insider threats through language change
Taylor, P. J., Dando, C.J., Ormerod, T. C., Ball, L., Jenkins, M., Sandham, A. and Menacere, T. 2013. Detecting insider threats through language change. Law and Human Behavior. 37 (4), pp. 267-275.. https://doi.org/10.1037/lhb0000032

Drawing to Remember: External Support of Older Adults’ Eyewitness Performance
Dando, C.J. 2013. Drawing to Remember: External Support of Older Adults’ Eyewitness Performance. PLoS ONE. 8 (7) e69937. https://doi.org/10.1371/journal.pone.0069937

Victims and witnesses of crime: Police officers' perceptions of interviewing practices
Dando, C.J., Wilcock, R. and Milne, R. 2008. Victims and witnesses of crime: Police officers' perceptions of interviewing practices. Legal and Criminological Psychology. 13 (1), pp. 59-70. https://doi.org/10.1348/135532506X162498

Permalink - https://westminsterresearch.westminster.ac.uk/item/vq3y6/sorting-insiders-from-co-workers-remote-synchronous-computer-mediated-triage-for-investigating-insider-attacks

Sorting Insiders from Co-workers: Remote synchronous computer-mediated triage for investigating insider attacks

Related outputs

Share this

Usage statistics

Export as