Blog Posts
Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs
This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to …
• By Emily Kessel, Sarah Miller, Carrie Gardner
In Insider Threat
Insider Threat Incidents: Assets Targeted by Malicious Insiders
As part of the CERT National Insider Threat Center's ongoing efforts to refine and improve our Incident Corpus, and to provide more data to the community, we have updated our …
• By Sarah Miller
In Insider Threat
Highlights from the 7th Annual National Insider Threat Center (NITC) Symposium, Day One
This year's seventh annual National Insider Threat Symposium, "From Mitigating Insider Threats to Managing Insider Risk," focuses on proactive approaches to reducing the impact and likelihood of insider incidents within …
• By Daniel Costa, Sarah Miller
In Insider Threat
Insider Threat Incidents: Communication Channels
The CERT National Insider Threat Center collects, categorizes, and analyzes technical insider incidents--those in which the insider used technology--to monitor the evolving insider threat landscape. In this post, we categorize …
• By Sarah Miller, Alex Pickering
In Insider Threat
Insider Threat Incidents: Most Commonly Affected Devices
At the CERT National Insider Threat Center, we collect, analyze, and categorize insider incidents to populate our CERT Insider Threat Incident Corpus and monitor the evolving insider threat landscape. We …
• By Sarah Miller, Alex Pickering
In Insider Threat
Insider Threats in Finance and Insurance (Part 4 of 9: Insider Threats Across Industry Sectors)
In the previous post of our series analyzing and summarizing insider incidents across multiple sectors, we discussed some of the mandates and requirements associated....
• By Sarah Miller
In Insider Threat
Insider Threats in the Federal Government (Part 3 of 9: Insider Threats Across Industry Sectors)
The CERT National Insider Threat Center (NITC) Insider Threat Incident Corpus contains over 2,000 incidents, which, as Director Randy Trzeciak writes, acts as the "foundation for our empirical research and …
• By Sarah Miller, Randy Trzeciak, Carrie Gardner
In Insider Threat
GDPR and Its Potential Impacts for Insider Threat Programs
The European Union's General Data Protection Regulation (GDPR) is a directive that concerns the processing of personal data by private organizations operating in the European Union, whether as employers or …
• By Sarah Miller
In Insider Threat
Insiders and their Significant Others: Collusion, Motive, and Concealment
Insiders have been known to collude with others, both with coworkers (i.e., other insiders) and outsiders. In our previous post on insider collusion and its impact, we explored 395 insider …
• By Sarah Miller
In Insider Threat
2017 U.S. State of Cybercrime Highlights
Each year, the CERT Division of the SEI collaborates with CSO Magazine to develop a U.S. State of Cybercrime report. These reports are based on surveys of more than 500 …