search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

International Considerations for Cybersecurity Best Practices

International Considerations for Cybersecurity Best Practices

• Insider Threat Blog
CERT Insider Threat Center

Hi! We are Lori Flynn and Carly Huth, CERT cybersecurity researchers. This post is about our recently published paper that describes how strategies for implementing international cybersecurity best practice should account for five factors: technology profile, laws and regulations, law enforcement, culture and subcultures, and corruption....

Read More
Seven Ways Insider Threat Products Can Protect Your Organization

Seven Ways Insider Threat Products Can Protect Your Organization

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Division. Organizations may be searching for products that address insider threats but have no real way of knowing if a product will meet their needs. In the recently released report, Insider Threat Attributes and Mitigation Strategies, I explore the top seven attributes that insider threat cases have according to our database of over 700 insider incidents. These attributes can be used...

Read More
A Multi-Dimensional Approach to Insider Threat

A Multi-Dimensional Approach to Insider Threat

• Insider Threat Blog
CERT Insider Threat Center

This is Dave Mundie, senior member of the technical staff in the CERT Division. Previous SEI blog posts ("Protecting Against Insider Threats with Enterprise Architecture Patterns" and "Effectiveness of a Pattern for Preventing Theft by Insiders") have described the the pattern language for insider threat that my colleague Andrew Moore and I have been developing. This pattern language consists of 26 mitigation patterns derived from the examination of more than 700 insider threat cases in...

Read More
Unintentional Insider Threats: The Non-Malicious Within

Unintentional Insider Threats: The Non-Malicious Within

• Insider Threat Blog
CERT Insider Threat Center

Hello, I'm David Mundie, a CERT cybersecurity researcher. This post is about the research CERT is doing on the unintentional insider threat. Organizations often suffer from individuals who have no ill will or malicious motivation, but whose actions cause harm. The CERT Insider Threat Center conducts work, sponsored by the Department of Homeland Security's Federal Network Resiliency Division, that examines such cases. We call this category of individuals the "unintentional insider threat" (UIT)....

Read More
Attend Our Insider Threat Webinar

Attend Our Insider Threat Webinar

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Randy Trzeciak, Technical Manager of the Enterprise Threat and Vulnerability Management team in the CERT Division. On Thursday, August 8, the SEI is hosting the webinar Managing the Insider Threat: What Every Organization Should Know. Join me and my colleagues as we discuss insider threat challenges that organizations face today....

Read More
Controlling the Malicious Use of USB Media

Controlling the Malicious Use of USB Media

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Division of the Software Engineering Institute. Earlier this year, we released the report Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources. In this report, we discuss the challenges universal serial bus (USB) flash drives present to organizations, especially those concerned with protecting their intellectual property....

Read More
How Ontologies Can Help Build a Science of Cybersecurity

How Ontologies Can Help Build a Science of Cybersecurity

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is David Mundie, a Senior Member of the Technical Staff in the CERT Program. The term "science of cybersecurity" is a popular one in our community these days. For some time now I have advocated ontologies and controlled vocabularies as an approach to building such a science. I am fond of citing the conclusion of the Jason Report, that the most important step towards a "science of cybersecurity "would be the construction of...

Read More
CERT Insider Threat Events at the RSA Conference

CERT Insider Threat Events at the RSA Conference

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Dawn Cappelli, Director of the CERT Insider Threat Center. The RSA Conference is rapidly approaching, and since many of you will likely be there, I thought I'd let you know how to find us there. Also, if you would like to get together to discuss insider threat while you're there please email us at insider-threat-feedback@cert.org this week and we'll make arrangements to meet....

Read More