Abstract
A common misconception concerning Insider Threat is that the information infrastructure is at considerable risk from technical issues. In fact, Insider Threat is a multidisciplinary concept across many different fields, including personnel security, environment security and technology security. All aspects regarding Insider Threat must be addressed in a well-structured and holistic manner, failure of which may result in security breaches. The aim of this paper is to provide an integrated and holistic approach to establish a security and defense architecture for Insider Threat.