Blog Posts

InTP Series: Key Elements of an Insider Threat Program (Part 2 of 18)

Before establishing an insider threat program in your organization, you first must understand the required components of such a program. In this second of a series of 18 posts, I …

Read More

March 10, 2015 • By CERT Insider Threat Center

In Insider Threat

InTP Series: Establishing an Insider Threat Program (Part 1 of 18)

Are you planning on establishing an insider threat program in your organization? If so, you'll find this series of 18 blog posts helpful. In this post, the first in the …

Read More

March 3, 2015 • By CERT Insider Threat Center

In Insider Threat

Unintentional Insider Threats by Economic Sector

Hello, I'm Tracy Cassidy, a CERT cybersecurity researcher. This post is about the research the CERT Division is doing on unintentional insider threat (UIT) with a particular emphasis on phishing …

Read More

July 21, 2014 • By Tracy Cassidy, CERT Insider Threat Center

In Insider Threat

"Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis" Paper Released

Hello, this is Matt Collins of the CERT Insider Threat Center. We are pleased to announce the publication of our paper "Four Insider IT Sabotage Patterns and an Initial Effectiveness …

Read More

May 13, 2014 • By CERT Insider Threat Center

In Insider Threat

Theft of Intellectual Property by Insiders

This is Matt Collins, Insider Threat Researcher at the CERT Insider Threat Center. In this post, I cover statistics related to a group of cases in the CERT Division's insider …

Read More

December 17, 2013 • By CERT Insider Threat Center

In Insider Threat

Analyzing Insider Threat Data in the MERIT Database

In this post I describe some of the types of insider incident data we record in our Management and Education of the Risk of Insider Threat (MERIT) database.

Read More

October 16, 2013 • By CERT Insider Threat Center

In Insider Threat

The Latest CERT Research of Unintentional Insider Threats: Social Engineering

Hello, I'm David Mundie, a CERT cybersecurity researcher. This post is about the research CERT is doing on unintentional insider threats, in particular social engineering.Earlier this year, the CERT Division's …

Read More

September 29, 2013 • By David Mundie, CERT Insider Threat Center

In Insider Threat

Practical Math for Your Security Operations - Part 2 of 3

Hi, this is Vijay Sarvepalli, Security Solutions Engineer in the CERT Division again. In my earlier blog post, I offered some ideas for applying set theory in your SOC (Security …

Read More

September 12, 2013 • By Vijay Sarvepalli, CERT Insider Threat Center

In CERT/CC Vulnerabilities

International Considerations for Cybersecurity Best Practices

Hi! We are Lori Flynn and Carly Huth, CERT cybersecurity researchers.This post is about our recently published paper that describes how strategies for implementing international cybersecurity best practice should account …

Read More

September 2, 2013 • By Lori Flynn, CERT Insider Threat Center

In Insider Threat

Seven Ways Insider Threat Products Can Protect Your Organization

In the recently released report, Insider Threat Attributes and Mitigation Strategies, I explore the top seven attributes that insider threat cases have according to our database of over 700 insider …

Read More

August 22, 2013 • By George Silowash, CERT Insider Threat Center

In Insider Threat