Motive
Coercion
Curiosity
Espionage
Fear of Reprisals
Hubris
Human Error
Joiner
Lack of Awareness
Leaver
Misapprehension or Delusion
Mover
Personal Gain
Political or Philosophical Beliefs
Recklessness
Resentment
Self Sabotage
Third Party Collusion Motivated by Personal Gain
- ID: AR1
- Created: 22nd May 2024
- Updated: 23rd July 2024
Motive
The reason or underlying cause that prompts a subject to engage in an infringement.
Sections
| ID | Name | Description |
|---|---|---|
| MT012 | Coercion | A subject is persuaded against their will to access and exfiltrate or destroy sensitive data, or conduct some other act that harms or undermines the target organization. |
| MT018 | Curiosity | A subject, motivated solely by personal curiosity, may take actions that unintentionally cause or risk harm to an organization. For example, they might install unauthorized software to experiment with its features or explore a network-attached storage (NAS) device without proper authorization. |
| MT017 | Espionage | A subject carries out covert actions, such as the collection of confidential or classified information, for the strategic advantage of a nation-state. |
| MT009 | Fear of Reprisals | A subject accesses and exfiltrates or destroys sensitive data or otherwise contravenes internal policies in an attempt to prevent professional reprisals against them or other persons. |
| MT011 | Hubris | A subject accesses and exfiltrates or destroys sensitive data or otherwise contravenes internal policies with the aim to successfully defeat controls in order to demonstrate ability and/or skill. |
| MT016 | Human Error | The subject has no threatening motive and is not reckless in their actions. The infringement is a result of an honest mistake made by the subject. |
| MT001 | Joiner | A subject joins the organisation with the pre-formed intent to gain access to sensitive data or otherwise contravene internal policies. |
| MT008 | Lack of Awareness | A subject is unaware that they are prohibited from accessing and exfiltrating or destroying sensitive data or otherwise contravening internal policies. |
| MT003 | Leaver | A subject leaving the organisation with access to sensitive data with the intent to access and exfiltrate sensitive data or otherwise contravene internal policies. |
| MT013 | Misapprehension or Delusion | A subject accesses and exfiltrates of destroys sensitive data or otherwise contravenes internal policies as a result of motives not grounded in reality. |
| MT002 | Mover | A subject moves within the organisation to a different team with the intent to gain access to sensitive data or to circumvent controls or to otherwise contravene internal policies. |
| MT005 | Personal Gain | A subject seeks personal gain from another by accessing and exfiltrating or destroying sensitive data or otherwise contravening internal policies. |
| MT004 | Political or Philosophical Beliefs | A subject is motivated by their political or philosophical beliefs to access and destroy or exfiltrate sensitive data or otherwise contravene internal policies. |
| MT015 | Recklessness | The subject does not have a threatening motive. However, the subject under takes actions without due care and attention to the outcome, which causes an infringement. |
| MT007 | Resentment | A subject is motivated by resentment towards the organisation to access and exfiltrate or destroy data or otherwise contravene internal policies. |
| MT010 | Self Sabotage | A subject accesses and exfiltrates or destroys sensitive data or otherwise contravenes internal policies with the aim to be caught and penalised. |
| MT006 | Third Party Collusion Motivated by Personal Gain | A subject is recruited by a third party to access and exfiltrate or destroy sensitive data or otherwise contravene internal policies for in exchange for a personal gain. |