Blog Posts
High-Level Technique for Insider Threat Program's Data Source Selection
This blog discusses an approach that the CERT Division's National Insider Threat Center developed to assist insider threat programs develop, validate, implement, and share potential insider threat risk indicators (PRIs)....
• By Robert M. Ditmore, CERT Insider Threat Center
In Insider Threat
A New Scientifically Supported Best Practice That Can Enhance Every Insider Threat Program!
The CERT National Insider Threat Center (NITC) continues to transition its insider threat research to the public through its publications of the Common Sense Guide to Mitigating Insider Threats (CSG)....
• By Michael C. Theis, CERT Insider Threat Center
In Insider Threat
API Hashing Tool, Imagine That
In the fall of 2018, the CERT Coordination Center (CERT/CC) Reverse Engineering (RE) Team received a tip from a trusted source about a YARA rule that triggered an alert in …
• By Kyle O'Meara, CERT Insider Threat Center
In CERT/CC Vulnerabilities
Insider Threat Incident Analysis by Sector (Part 1 of 9)
Hello, I am Randy Trzeciak, Director of the CERT National Insider Threat Center (NITC). I would like to welcome you to the NITC blog series on insider threat incidents within …
• By Randy Trzeciak, CERT Insider Threat Center
In Insider Threat
Substance Use and Abuse: Potential Insider Threat Implications for Organizations
In this blog post, I will discuss substance abuse as a potential precursor to increased insider threat and share statistics from the CERT National Insider Threat Center's (NITC)....
• By Tracy Cassidy, CERT Insider Threat Center
Coordinated Vulnerability Disclosure for DoD Websites
Almost 30 years ago, the SEI's CERT Coordination Center established a program that enabled security researchers in the field to report vulnerabilities they found in an organization's software or systems....
• By Art Manion, CERT Insider Threat Center
Announcing Insider Threat Program Evaluator Training from the CERT National Insider Threat Center
The National Insider Threat Center (NITC) at the CERT Division of the SEI is developing an Insider Threat Program Evaluator (ITPE) Training course....
• By Robin M. Ruefle, CERT Insider Threat Center
In Insider Threat
Announcing Insider Threat Analyst Training from the CERT National Insider Threat Center
The CERT National Insider Threat Center (NITC) has recently developed an Insider Threat Analyst Training course. This three-day, instructor-led, classroom-based course presents strategies for collecting and analyzing data to prevent, …
• By Daniel Costa, CERT Insider Threat Center
In Insider Threat
Announcing the National Insider Threat Center
The CERT® Division of the Software Engineering Institute (SEI) at Carnegie Mellon University is proud to announce the creation of the CERT National Insider Threat Center (NITC). The establishment of …
• By Randy Trzeciak, CERT Insider Threat Center
In Insider Threat
Secure Software Updates
The CERT Coordination Center recommends automated software updates, at least for security updates. With the emergence of IoT, we see more and more devices running out-of-date software even when they …