SEI Insights

Insider Threat Blog

Real-World Work Combating Insider Threats

Hello, this is Lori Flynn, insider threat researcher for the CERT Program. We are proud to announce the release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats. We are grateful to the U.S. Department of Homeland Security, Federal Network Resilience (FNR) division within the Office of Cybersecurity and Communications, which sponsored updating and augmenting the previous edition released in 2009.The newest edition is based on our significantly expanded database of more than 700 insider threat cases and continued research and analysis, and it covers new technologies and new threats.

Hello, this is Todd Lewellen of the CERT Insider Threat Center. We are excited to announce that a revised version of our Spotlight On: Insider Threat from Trusted Business Partners article has been released. It has been almost three years since the first version of this article was published. During that time, our collection of insider threat case data has grown significantly. Specifically, we have collected 30 additional cases involving trusted business partners (TBPs) alone, which increased our sample population from 45 to 75 cases. Some of these case examples have been included in the new revision of the article.

Hi, this is Dan Klinedinst of the CERT Enterprise Threat and Vulnerability Management team. Recently we've been looking to extend the methodologies from our insider threat research to other sorts of threats. Personally, I'm interested in applying well-known analysis techniques to security data in an automated fashion. The goal is to identify classes of threats and watch how they evolve over time. This analysis will allow organizations to adjust their defenses and resources based on the type of threat they face and the risk it poses to their business or mission.

Hi, this is Dawn Cappelli, Director of the CERT Insider Threat Center. Last week I had the pleasure of participating in The Insider Threat Awareness Virtual Roundtable webinar, which was sponsored by the DHS Office of Infrastructure Protection. The webinar was moderated by Jon Richeson from DHS, and I was joined by the Supervisory Special Agent from the Insider Threat Investigations Unit of the FBI.

Hi, this is Bill Claycomb and Alex Nicoll with installment 8 of a 10-part series on cloud-related insider threats. In this post, we discuss three more areas of future research for cloud-related insider threats: identifying cloud-based indicators of insider threats, virtualization and hypervisors, and awareness and reporting.