Insider Threat
Blog Posts
10 Lessons in Security Operations and Incident Management
This post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.
• By Robin Ruefle
In Insider Threat
CERT Releases 2 Tools to Assess Insider Risk
The average insider risk incident costs organizations more than $600,000. To help organizations assess their insider risk programs, the SEI CERT Division has released two tools available for download.
• By Roger Black
In Insider Threat
The 13 Key Elements of an Insider Threat Program
COVID-19 changed the nature of the workplace. In this evolving climate, organizations need to be increasingly vigilant against insider incidents. In this post, we present the 13 key elements of …
• By Daniel L. Costa, Randall F. Trzeciak
In Insider Threat
How to Mitigate Insider Threats by Learning from Past Incidents
This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."
• By Daniel L. Costa
In Insider Threat
Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs
This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to …
• By Emily Kessel, Sarah Miller, Carrie Gardner
In Insider Threat
Benford's Law: Potential Applications for Insider Threat Detection
Learn how a mathematical law may help detect insider activity without the effort of traditional anomaly detection in this informative SEI Blog post
• By Emily Kessel
In Insider Threat
Insider Threat Incidents: Assets Targeted by Malicious Insiders
This SEI Blog post details CERT's new taxonomy for targeted assets in insider threat incidents and highlights their latest findings.
• By Sarah Miller
In Insider Threat
Highlights from the 7th Annual National Insider Threat Center (NITC) Symposium, Day One
This SEI Blog post recaps the first day of the National Insider Threat Symposium, covering proactive approaches to reducing insider incidents.
• By Daniel L. Costa, Sarah Miller
In Insider Threat
Insider Threat Incidents: Communication Channels
Learn how to identify risk behaviors and detect insider threats with communication channel monitoring in this informative SEI Blog post.
• By Sarah Miller, Alex Pickering
In Insider Threat
Insider Threat Incidents: Most Commonly Affected Devices
Learn about the most common devices affected by insider threat incidents and their impact on insider risk management and incident response in this SEI Blog post.