search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

Social Media Awareness (Part 7 of 20: CERT Best Practices to Mitigate Insider Threats Series)

Social Media Awareness (Part 7 of 20: CERT Best Practices to Mitigate Insider Threats Series)

• Insider Threat Blog
Ryan C. Lewis

The seventh practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 7: Be especially vigilant regarding social media. In this post, I discuss the importance of having clear social media policies and conducting social engineering training to help mitigate issues with unintentional insider threat....

Read More
Enterprise-Wide Risk Assessments (Part 6 of 20: CERT Best Practices to Mitigate Insider Threats Series)

Enterprise-Wide Risk Assessments (Part 6 of 20: CERT Best Practices to Mitigate Insider Threats Series)

• Insider Threat Blog
Andrew Moore

The sixth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 6: Consider threats from insiders and business partners in enterprise-wide risk assessments. In this post, I discuss the importance of developing a comprehensive, risk-based security strategy to prevent, detect, and respond to insider threats, including those caused by business partners that are given authorized access....

Read More
Negative Issues in the Work Environment (Part 5 of 20: CERT Best Practices to Mitigate Insider Threats Series)

Negative Issues in the Work Environment (Part 5 of 20: CERT Best Practices to Mitigate Insider Threats Series)

• Insider Threat Blog
Tracy Cassidy

The fifth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 5: Anticipate and manage negative issues in the work environment. In this post, I discuss the importance of understanding organizational issues that may cause employee disgruntlement, being proactive, and identifying and responding to concerning behaviors in the workplace....

Read More
Suspicious and Disruptive Behavior Monitoring and Response (Part 4 of 20: CERT Best Practices to Mitigate Insider Threats Series)

Suspicious and Disruptive Behavior Monitoring and Response (Part 4 of 20: CERT Best Practices to Mitigate Insider Threats Series)

• Insider Threat Blog
Tracy Cassidy

The fourth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 4: Beginning with the hiring process, monitor and respond to suspicious or disruptive behavior. In this post, I discuss the importance of early identification of suspicious and disruptive behavior in the workplace to mitigate potential insider threats....

Read More
Policy and Control Documentation and Enforcement (Part 3 of 20: CERT Best Practices to Mitigate Insider Threats Series)

Policy and Control Documentation and Enforcement (Part 3 of 20: CERT Best Practices to Mitigate Insider Threats Series)

• Insider Threat Blog
Mark T. Zajicek

The third practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 3: Clearly document and consistently enforce policies and controls. In this post, I discuss the importance of having consistent and articulated policies and controls in place within your organization....

Read More
Introduction to the CERT Best Practices to Mitigate Insider Threats Blog Series

Introduction to the CERT Best Practices to Mitigate Insider Threats Blog Series

• Insider Threat Blog
Randy Trzeciak

We at the CERT Insider Threat Center are proud to announce the release of the fifth edition of the Common Sense Guide to Mitigating Insider Threats (CSG). This edition of our best practice guide is based on our significantly expanded corpus of more than 1,000 insider threat incidents and our continued research and analysis. This edition covers new technologies and new threats....

Read More