SEI Insights

Category: Insider Threat

 CERT NITC Insider Threat Program Manager Certificate

By on

Increasingly, organizations, including the federal government and industry, are recognizing the need to counter insider threats and are doing it through specially focused teams. The CERT Division National Insider Threat Center (NITC) offers an Insider Threat Program Manager certificate to...

 CERT Insider Threat Vulnerability Assessments, ITVA Training Course, and ITVA Certificate Program

By on

The CERT National Insider Threat Center (NITC) has been researching insider threats since 2001. In this blog post, we provide an overview of the CERT Insider Threat Vulnerability Assessment methodology, the CERT Insider Threat Vulnerability Assessor (ITVA) Training course, and...

 2017 U.S. State of Cybercrime Highlights

By on

Each year, the CERT Division of the SEI collaborates with CSO Magazine to develop a U.S. State of Cybercrime report1. These reports are based on surveys of more than 500 organizations across the country, ranging in size from fewer than...

 Announcing Insider Threat Program Evaluator Training from the CERT National Insider Threat Center

By on

The National Insider Threat Center (NITC) at the CERT Division of the SEI is developing an Insider Threat Program Evaluator (ITPE) Training course based on the methods and techniques the NITC currently uses to conduct Insider Threat Program Evaluations. This...

 Announcing Insider Threat Analyst Training from the CERT National Insider Threat Center

By on

The CERT National Insider Threat Center (NITC) has recently developed an Insider Threat Analyst Training course. This three-day, instructor-led, classroom-based course presents strategies for collecting and analyzing data to prevent, detect, and respond to insider activity. Students learn various techniques...

 Technical Detection of Intended Violence: Workplace Violence as an Insider Threat

By on

The threat of insiders causing physical harm to fellow employees or themselves at an organization is real. In 2015 and 2016 alone, there were shootings in the U.S. by current or former employees in various workplaces, including at a television...

 Announcing the National Insider Threat Center

By on

The CERT® Division of the Software Engineering Institute (SEI) at Carnegie Mellon University is proud to announce the creation of the CERT National Insider Threat Center (NITC). The establishment of this center builds on our 16 years of work in...

 Cyber Hygiene: 11 Essential Practices

By on

This post is also authored by Charles M. Wallen. Tightening an organization's cybersecurity can be very complex, and just purchasing a piece of new hardware or software isn't enough. Instead, you might begin by looking at the most common baseline...

 The 3 Pillars of Enterprise Cyber Risk Management

By on

Equifax. Target. The Office of Personnel Management. Each new cyber hack victim has a story that makes the need for cyber risk management more urgent. Any organization hoping to maintain operational resilience during disruption should implement risk management. Unfortunately, that...

 Summary (Part 7 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

In this blog series, I explained the five actions your organization can take now to ensure its cybersecurity and address the risk of having unsupported software. These five actions work together to protect your organization from cyber attacks when it...

 5 Best Practices to Prevent Insider Threat

By on

Insider threat continues to be a problem with approximately 50 percent of organizations experiencing at least one malicious insider incident per year, according to the 2017 U.S. State of Cybercrime Survey. Although the attack methods vary depending on the industry,...

 Blog Expands to Cover More

By on

You've known this blog as the Insider Threat blog, and this will continue to be your go-to source as we share our findings and explore the impact insider threat has on information technology and human resources practices and policies. Our...

 Create a Policy to Manage Unsupported Software (Part 6 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

Although you can accept the risk of running unsupported software, you should treat it as a temporary strategy. In this post, I discuss the importance of establishing a policy for upgrading, replacing, or retiring unsupported software across the organization....

 Establish and Maintain Whitelists (Part 5 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

Software whitelists, part of an organization's software policies, control which applications are permitted to be installed or executed on an organization's devices and network. In this post, I describe how whitelisting and real-time monitoring of log data can reduce the...

 Upgrade, Retire, or Replace Unsupported Software (Part 4 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

In line with its risk management program, an organization might decide to host unsupported applications on its supported or unsupported operating systems. In this post, I describe how organizations should upgrade, replace, or retire unsupported software assets, including operating systems....

 Machine Learning and Insider Threat

By on

As organizations' critical assets have become digitized and access to information has increased, the nature and severity of threats has changed. Organizations' own personnel--insiders--now have greater ability than ever before to misuse their access to critical organizational assets. Insiders know...

 Manage Your Software Inventory (Part 3 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

Having a managed software asset inventory helps an organization ensure that its software is identified, authorized, managed, or retired before it can be exploited. In this post, I describe why your organization should establish a software inventory to manage its...

 Define Your Organization's Risk Tolerance (Part 2 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

Risk tolerance--the amount of risk an organization is willing to accept--should be part of your organization's comprehensive risk management program. In this post, I describe how your organization can define its risk tolerance....

 Introduction (Part 1 of 7: Mitigating Risks of Unsupported Operating Systems)

By on

Federal CIOs and CISOs are challenged with analyzing the risk of having unsupported operating systems on their networks and determining how to properly address this risk. In this blog series, I explain how an unsupported operating system can expose a...

 Wrap Up of CERT Best Practices to Mitigate Insider Threats Series

By on

We hope you enjoyed our 20-part blog series describing the best practices included in the Common Sense Guide to Mitigating Insider Threats published by the CERT Insider Threat Center. Our goal for the series was to highlight each best practice...