Blog Posts
Creating Transformative and Trustworthy AI Systems Requires a Community Effort
This post explores how professionalizing the practice of AI engineering and developing the AI engineering discipline can increase the dependability and availability of AI systems.
• By Carrie Gardner
In Artificial Intelligence Engineering
Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs
This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to …
• By Emily Kessel, Sarah Miller, Carrie Gardner
In Insider Threat
Insider Threats in Entertainment (Part 8 of 9: Insider Threats Across Industry Sectors)
The Entertainment Industry is the next spotlight blog in the Industry Sector series. Movie and television producers have long entertained the public with insider threat dramas such as Jurassic Park....
• By Mark Dandrea, Carrie Gardner
In Insider Threat
Insider Threats in Healthcare (Part 7 of 9: Insider Threats Across Industry Sectors)
Next in the Insider Threats Across Industry Sectors series is Healthcare. As Healthcare-related information security conversations are predominantly driven by security and privacy concerns....
• By Josh Vasko, Carrie Gardner
In Insider Threat
Insider Threats in Information Technology (Part 6 of 9: Insider Threats Across Industry Sectors)
As Carrie Gardner wrote in the second blog post in this series, which introduced the Industry Sector Taxonomy, information technology (IT) organizations fall in the NAICS Code category professional, scientific, …
• By Michaela Webster, Carrie Gardner
In Insider Threat
Insider Threats in State and Local Government (Part 5 of 9: Insider Threats Across Industry Sectors)
Continuing our industry sector series, this blog post highlights insider threat trends in the State and Local Government subsector and explores distinct characteristics of fraud....
• By Carrie Gardner
In Insider Threat
Performing Text Analytics for Insider Threat Programs: Part 3 of 3
This blog series reviews topics in performing text analytics to support insider threat mitigation. This post presents a procedural framework for operationalizing this capability....
• By Carrie Gardner
In Insider Threat
Insider Threats in the Federal Government (Part 3 of 9: Insider Threats Across Industry Sectors)
The CERT National Insider Threat Center (NITC) Insider Threat Incident Corpus contains over 2,000 incidents, which, as Director Randy Trzeciak writes, acts as the "foundation for our empirical research and …
• By Sarah Miller, Randy Trzeciak, Carrie Gardner
In Insider Threat
Classifying Industry Sectors: Our New Approach to an Industry Sector Taxonomy (Part 2 of 9: Insider Threats Across Industry Sectors)
As Randy Trzeciak mentioned in the first blog in this series, we are often asked about the commonalities of insider incidents for a particular sector....
• By Carrie Gardner, Randy Trzeciak
In Insider Threat
Foundational Research Behind Text Analytics for Insider Threat: Part 2 of 3
In this blog series, I review topics related to deploying a text analytics capability for insider threat mitigation. In this segment, I continue the conversation by disambiguating terminology related to …