Abstract
IP theft insiders continue to pose threats to organizations, which can lead to large financial losses and reputational harm. This paper examines IP insider threat in a novel way by combining the methods of Grounded Theory and Behavior Sequence Analysis. Novel socio-technical variables identified in our study included IP theft via photographs rather than simply downloading data, travelling overseas, approaching other organizations, and delivering presentations. Contrary to previous assumptions about IP theft, the BSA revealed multiple, complex pathways that were not linear. The analysis showed the work behind seeking out potential organizations to sell the stolen IP. This occurred in some cases on multiple occasions (until the insider was successful at selling or continued, gaining multiple transactions). Uniquely, the paper proposes a new way forward in considering insider threats. We argue that insider threat takes place via non-linear and multiple pathways. Understanding insider threat by applying this framework opens up new, improved methods to prevent and detect Drawing from Situational Crime Prevention Theory, we provide guidelines for policymakers to make it harder for insiders to commit these acts (e.g., policies around personal devices and travel).