You've known this blog as the Insider Threat blog, and this will continue to be your go-to source as we share our findings and explore the impact insider threat has on information technology and human resources practices and policies. Our new, expanded content will cover topics across a more broad spectrum that will continue to include insider threat topics as well as others related to how organizations ensure their resilience against disruptive events like cyberattacks.

Our cybersecurity researchers will discuss emerging concepts, application of practices, and results of our work in three key areas:

1. Enterprise Risk Management topics will focus on handling uncertainty and adapting to an ever-changing environment, including fundamentals and innovations in risk management; governance; risk appetite, measurement, and metrics; and policies and processes.
2. Cyber Assurance topics focus on achieving justified confidence in an interconnected world, including measuring and quantifying operational resilience; supply chain management; emerging technologies (e.g., cloud and network function virtualization); tools and techniques (e.g., penetration testing and CERT-RMM); and aligning cyber resilience with organizational objectives, regulations, and standards (e.g., NIST CSF, EO13800, NERC CIP, and FFIEC Handbook).
3. Insider Threat topics will highlight the critical components of establishing an insider threat program and protecting organizations and their assets from malicious and unintentional actions. Topics will include the research the SEI and CMU's newly formed National Insider Threat Center (NITC) conduct in the area, including training, assessments, evaluations, and tools. Posts will highlight CERT's Insider Threat Certificate Programs that teach how to effectively implement and operate an insider threat program.

Leading an organization requires much more than the latest piece of technology; management practices have not always kept pace with the technical landscape. In fact, we often see that technology adoption outpaces updates to policies and processes. Cybersecurity risk and resilience (CRR) researchers in the CERT Division of the SEI focus on technical and process capabilities to protect and sustain assets that are important to the nation's cyber-dependent mission.

The SEI's CRR researchers strive to ensure that critical assets continue to operate during and after disruptive events. This resilience is accomplished by deep technical research and rigorous validation of capabilities within DoD, federal government, and private industry programs.
As a federally funded research and development center, we at the SEI are committed to serving as subject matter experts who are free from conflict of interest or politics. In our posts, we may refer to current events, but we will always be independent third-party advisors who use a scientific approach to recommend improvements to secure the nation and its critical infrastructure.

Check back often or subscribe to the feed for this blog to join our community and learn how to address risk and resilience in your organization!