Blog Posts
InTP Series: Data Collection and Analysis (Part 11 of 18)
A core capability of any insider threat program (InTP) involves collecting data from multiple sources and analyzing that data to identify indicators of insider anomalous activity or an increase in …
• By CERT Insider Threat Center
In Insider Threat
InTP Series: Trusted Business Partners (Part 10 of 18)
In today's business environment, few organizations are able to operate without contractors, subcontractors, temporary employees, contract employees, or other trusted business partners. Understanding how they fit into your insider threat …
• By CERT Insider Threat Center
In Insider Threat
InTP Series: Confidential Reporting (Part 9 of 18)
In this installment of our blog series on establishing insider threat programs, I'll discuss the importance of confidential reporting capabilities within an insider threat program.
• By CERT Insider Threat Center
In Insider Threat
InTP Series: Training and Awareness (Part 8 of 18)
The cornerstones of any insider threat program (InTP) are a formal training and awareness curriculum and a defined set of educational activities. A successful InTP requires multiple levels of training …
• By CERT Insider Threat Center
In Insider Threat
InTP Series: Prevention, Detection, and Response (Part 7 of 18)
In this seventh in a series of 18 posts, I will introduce a few concepts of how to use your enterprise infrastructure to prevent, detect, and respond to insider threat …
• By CERT Insider Threat Center
In Insider Threat
Top 10 Insider Threat Posts
For two consecutive years, organizations reported that insider crimes caused comparable damage (34 percent) to external attacks (31 percent), according to a recent cybercrime report co-sponsored by the CERT Division …
• By Greg Shannon, CERT Insider Threat Center
In Insider Threat
InTP Series: Integration with Enterprise Risk Management (6 of 18)
Like any other threat to the enterprise, risk must be considered when managing the insider threat. This management cannot be done without first acknowledging the risk and implementing it with …
• By CERT Insider Threat Center
In Insider Threat
InTP Series: Oversight of Program Compliance and Effectiveness (Part 5 of 18)
The focus of my work is the nexus of where the threat from outside actors meets the insider. Today, I will talk about one aspect of program development: Oversight of …
• By CERT Insider Threat Center
In Insider Threat
InTP Series: Participation of Business Areas (Part 4 of 18)
This is Mike Albrethsen of the CERT Insider Threat Center with information about which groups should be included in the operation of an effective InTP and why.
• By CERT Insider Threat Center
In Insider Threat
InTP Series: The Formalized Program (Part 3 of 18)
This week in the third installment of our series, we'll take a look at the first component of an insider threat program: the formalized program itself.