(Mis)Use of Personal Technology by Employees in Financial Services Organisations


Collis, Raichel 2021. (Mis)Use of Personal Technology by Employees in Financial Services Organisations. Thesis
AuthorsCollis, Raichel
Qualification namePhD

This work presents a single methodology design across three different groups to chart the challenges and potential of digital investigation and to offer an original contribution to researchers seeking purposive samples specific to topical research questions. Open-source online intelligence theorised from an attacker's perspective is underpinned by a novel cyber-orientated framework of routine activity theory (RAT) (Cohen and Felson, 1979) to highlight digital footprint as a vector for targeted social engineering. Seventy-six (N=76) demographically diverse financial services employees from occupations throughout the sector provide empirical data via a mixed methods online survey. Cyber-specific RAT evaluates the ‘average user’ (with no specialist training) as a potential contributor to human assisted cybercrime threatening corporate networks through use of personal technologies and internet-based activities. Robust discussion debates routine digital activity using smartphones, tablets, and consumer Internet of Things (IoT) devices as an unmitigated factor for workplace risk. Personal internet use, devices accessing corporate networks, self-promotion on social media, physical and virtual IoT, executive personnel practicing ‘unsafe’ behaviours and assumed device security as licence for unrestricted online activity are key findings of this study which offers original contributions to critical assessment of insider threat. Despite employee (mis)use of personal technology as a potential vector financial organisations are seemingly unprepared for small-scale and dynamic risk. Results recommend bespoke training at all levels to associate personal use and online behaviour with known cyber risks and capacity for loss or harm. Cyber-RAT as a framework to identify suitable targets and potential for guardianship will contribute value added and assist in a more holistic response to cybercrime where the human element complements technological solutions as a positive enhancement to enterprise security.

Keywordspersonal internet activity, Smartphone users, average users, personal digital activity in the workplace, risk of malware, social media, mobile applications, routine activity theory, cyberspace, cybercrime, insider threat, open source intelligence, OSINT, SOCMINT, digital investigation, unsafe online activity, digital footprint, employees, routine digital activity, Internet of Things, IoT, cyber risk.
PublisherUniversity of Derby
Business, Law and Social Sciences
Web address (URL)http://hdl.handle.net/10545/626008
File Access Level
Publication process dates
Deposited23 Sep 2021, 10:11
Publication dates01 Sep 2021
ContributorsHicks, David (Advisor), Henry, Phil (Advisor) and Hodgson, Philip (Advisor)
Permalink -


  • 31
    total views
  • 32
    total downloads
  • 0
    views this month
  • 0
    downloads this month

Export as