Blog Posts
Model-Based Analysis of Agile Development Practices
Applications of Agile development practices in government are providing experience that decision makers can use to improve policy, procedure, and practice....
• By Andrew Moore, Bill Nichols, Bill Novak, David Zubrow
In Agile
Enterprise-Wide Risk Assessments (Part 6 of 20: CERT Best Practices to Mitigate Insider Threats Series)
The sixth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 6: Consider threats from insiders and business partners in enterprise-wide …
• By Andrew Moore
In Insider Threat
Three Practice Areas for Using Positive Incentives to Reduce Insider Threat
In the 2016 Cyber Security Intelligence Index, IBM found that 60 percent of all cyber attacks were carried out by insiders. One reason that insider threat remains so problematic is …
• By Andrew Moore
In Insider Threat
Modeling and Simulation in Insider Threat
A 2016 study on cybersecurity and digital trust found that 69 percent of organizations surveyed experienced an attempted or successful theft or corruption of data by insiders in the last …
• By Andrew Moore
In Insider Threat
Designing Insider Threat Programs
Insider threat is the threat to organization's critical assets posed by trusted individuals - including employees, contractors, and business partners - authorized to use the organization's information technology systems. Insider …
• By Andrew Moore
In Insider Threat
Effectiveness of a Pattern for Preventing Theft by Insiders
Since 2001, researchers at the CERT Insider Threat Center have documented malicious insider activity by examining media reports and court transcripts and conducting interviews with the United States Secret Service, …
• By Andrew Moore
In Insider Threat
Protecting Against Insider Threats with Enterprise Architecture Patterns
The 2011 CyberSecurity Watch survey revealed that 27 percent of cybersecurity attacks against organizations were caused by disgruntled, greedy, or subversive insiders, employees, or contractors with access to that organization's …