search menu icon-carat-right cmu-wordmark

Posts by Randy Trzeciak

The CERT Division's National Insider Threat Center (NITC) Symposium

The CERT Division's National Insider Threat Center (NITC) Symposium

• Blog
Randy Trzeciak

Addressing the Challenges of Maturing an Insider Threat (Risk) Program On May 10, 2019, the Software Engineering Institute's National Insider Threat Center (NITC) will host the 6th Annual Insider Threat Symposium, with this year's theme, "Maturing Your Insider Threat (Risk) Program." The purpose of the symposium is to bring together practitioners on the front lines of insider threat mitigation to discuss the challenges and successes of maturing their insider threat (risk) programs. You will have...

Read More
Insider Threat Incident Analysis by Sector (Part 1 of 9)

Insider Threat Incident Analysis by Sector (Part 1 of 9)

• Blog
Randy Trzeciak

Hello, I am Randy Trzeciak, Director of the CERT National Insider Threat Center (NITC). I would like to welcome you to the NITC blog series on insider threat incidents within various sectors. In this first post, I (1) describe the purpose of the series and highlight what you can expect to see during the series, and (2) review the NITC insider threat corpus, which is the foundation for our empirical research and analysis. Join us...

Read More
Announcing the National Insider Threat Center

Announcing the National Insider Threat Center

• Blog
Randy Trzeciak

The CERT® Division of the Software Engineering Institute (SEI) at Carnegie Mellon University is proud to announce the creation of the CERT National Insider Threat Center (NITC). The establishment of this center builds on our 16 years of work in the insider threat domain. The NITC allows the SEI to enhance its insider threat work across the Department of Defense, U.S. government, industry, and academia. The Center's expanded capabilities give security practitioners access to insider...

Read More
5 Best Practices to Prevent Insider Threat

5 Best Practices to Prevent Insider Threat

• Blog
Randy Trzeciak

Insider threat continues to be a problem with approximately 50 percent of organizations experiencing at least one malicious insider incident per year, according to the 2017 U.S. State of Cybercrime Survey. Although the attack methods vary depending on the industry, the primary types of attacks identified by researchers at the CERT Insider Threat Center--theft of intellectual property, sabotage, fraud, and espionage--continue to hold true. In our work with public and private industry, we continue to...

Read More
Wrap Up of CERT Best Practices to Mitigate Insider Threats Series

Wrap Up of CERT Best Practices to Mitigate Insider Threats Series

• Blog
Randy Trzeciak

We hope you enjoyed our 20-part blog series describing the best practices included in the Common Sense Guide to Mitigating Insider Threats published by the CERT Insider Threat Center. Our goal for the series was to highlight each best practice and provide a few quick wins for you to consider as you attempt to identify and mitigate insider threats in your organization....

Read More
Introduction to the CERT Best Practices to Mitigate Insider Threats Blog Series

Introduction to the CERT Best Practices to Mitigate Insider Threats Blog Series

• Blog
Randy Trzeciak

We at the CERT Insider Threat Center are proud to announce the release of the fifth edition of the Common Sense Guide to Mitigating Insider Threats (CSG). This edition of our best practice guide is based on our significantly expanded corpus of more than 1,000 insider threat incidents and our continued research and analysis. This edition covers new technologies and new threats....

Read More
Responding to New Federal Requirements for Contractors

Responding to New Federal Requirements for Contractors

• Blog
Randy Trzeciak

On May 18, 2016, the DOD published Change 2 to DoD 5220.22-M, "National Industrial Security Operating Manual (NISPOM)," which requires contractors to establish and maintain an insider threat program to detect, deter, and mitigate insider threats. The intent of this blog post is to describe the summary of changes required by Change 2 and the impact it will have on contracting organizations....

Read More
New SIEM Signature Developed to Address Insider Threats

New SIEM Signature Developed to Address Insider Threats

• Blog
Randy Trzeciak

According to the 2011 CyberSecurity Watch Survey, approximately 21 percent of cyber crimes against organizations are committed by insiders. Of the 607 organizations participating in the survey, 46 percent stated that the damage caused by insiders was more significant than the damage caused by outsiders. Over the past 11 years, researchers at the CERT Insider Threat Center have documented incidents related to malicious insider activity. Their sources include media reports, the courts, the United States...

Read More
Developing Controls to Prevent Theft of Intellectual Property

Developing Controls to Prevent Theft of Intellectual Property

• Blog
Randy Trzeciak

According to the 2011 CyberSecurity Watch Survey, approximately 21 percent of cyber crimes against organizations are committed by insiders. Of the 607 organizations participating in the survey, 46 percent stated that the damage caused by insiders was more significant than the damage caused by outsiders. Over the past 11 years, CERT Insider Threat researchers have collected incidents related to malicious activity by insiders obtained from a number of sources, including media reports, the courts, the...

Read More

Contact the Author

Randy Trzeciak

SEI Digital Library

SEI Publications

Visit the SEI Digital Library to see other publications by Randy Trzeciak

View publications