Blog Posts
How to Mitigate Insider Threats by Learning from Past Incidents
This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."
• By Daniel Costa
In Insider Threat
Highlights from the 7th Annual National Insider Threat Center (NITC) Symposium, Day One
This year's seventh annual National Insider Threat Symposium, "From Mitigating Insider Threats to Managing Insider Risk," focuses on proactive approaches to reducing the impact and likelihood of insider incidents within …
• By Daniel Costa, Sarah Miller
In Insider Threat
Organizational Resilience to Insider Threats
In this blog post, we will discuss the relationship between resilience and insider threat, discuss how to make organizations operationally resilient to insider threats, present strategies for making your insider …
• By Daniel Costa
In Insider Threat
Maturing Your Insider Threat Program into an Insider Risk Management Program
Having trouble clearly stating the scope of your insider threat program? Struggling with measuring the program's effectiveness? Failing to provide actionable intelligence to the program stakeholders?...
• By Daniel Costa
In Insider Threat
Improving Insider Threat Detection Methods Through Software Engineering Principles
Tuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with....
• By Daniel Costa
In Insider Threat
September Is National Insider Threat Awareness Month
September 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center....
• By Daniel Costa
In Insider Threat
Patterns and Trends in Insider Threats Across Industry Sectors (Part 9 of 9: Insider Threats Across Industry Sectors)
In previous posts of our series analyzing and summarizing insider incidents across multiple sectors, we presented up-to-date statistics from the CERT National Insider Threat Center (NITC)....
• By Daniel Costa
In Insider Threat
Announcing Insider Threat Analyst Training from the CERT National Insider Threat Center
The CERT National Insider Threat Center (NITC) has recently developed an Insider Threat Analyst Training course. This three-day, instructor-led, classroom-based course presents strategies for collecting and analyzing data to prevent, …
• By Daniel Costa, CERT Insider Threat Center
In Insider Threat
Machine Learning and Insider Threat
As organizations' critical assets have become digitized and access to information has increased, the nature and severity of threats has changed. Organizations' own personnel--insiders--now have greater ability than ever before …
• By Daniel Costa
In Artificial Intelligence Engineering
Formalized Insider Threat Program (Part 2 of 20: CERT Best Practices to Mitigate Insider Threats Series)
The second practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 2: Develop a formalized insider threat program. In this post, …