
Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

A Multi-Dimensional Approach to Insider Threat

CERT Insider Threat Center

This is Dave Mundie, senior member of the technical staff in the CERT Division. Previous SEI blog posts ("Protecting Against Insider Threats with Enterprise Architecture Patterns" and "Effectiveness of a Pattern for Preventing Theft by Insiders") have described the pattern language for insider threat that my colleague Andrew Moore and I have been developing. This pattern language consists of 26 mitigation patterns derived from the examination of more than 700 insider threat cases in...

Unintentional Insider Threats: The Non-Malicious Within

CERT Insider Threat Center

Hello, I'm David Mundie, a CERT cybersecurity researcher. This post is about the research CERT is doing on the unintentional insider threat. Organizations often suffer from individuals who have no ill will or malicious motivation, but whose actions cause harm. The CERT Insider Threat Center conducts work, sponsored by the Department of Homeland Security's Federal Network Resiliency Division, that examines such cases. We call this category of individuals the "unintentional insider threat" (UIT)....

Attend Our Insider Threat Webinar

CERT Insider Threat Center

Hi, this is Randy Trzeciak, Technical Manager of the Enterprise Threat and Vulnerability Management team in the CERT Division. On Thursday, August 8, the SEI is hosting the webinar Managing the Insider Threat: What Every Organization Should Know. Join me and my colleagues as we discuss insider threat challenges that organizations face today....

Controlling the Malicious Use of USB Media

CERT Insider Threat Center

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Division of the Software Engineering Institute. Earlier this year, we released the report Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources. In this report, we discuss the challenges universal serial bus (USB) flash drives present to organizations, especially those concerned with protecting their intellectual property....

How Ontologies Can Help Build a Science of Cybersecurity

CERT Insider Threat Center

Hello, this is David Mundie, a Senior Member of the Technical Staff in the CERT Program. The term "science of cybersecurity" is a popular one in our community these days. For some time now I have advocated ontologies and controlled vocabularies as an approach to building such a science. I am fond of citing the conclusion of the Jason Report, that the most important step towards a "science of cybersecurity" would be the construction of...

CERT Insider Threat Events at the RSA Conference

CERT Insider Threat Center

Hi, this is Dawn Cappelli, Director of the CERT Insider Threat Center. The RSA Conference is rapidly approaching, and since many of you will likely be there, I thought I'd let you know how to find us there. Also, if you would like to get together to discuss insider threat while you're there please email us at insider-threat-feedback@cert.org this week and we'll make arrangements to meet....

Common Sense Guide to Mitigating Insider Threats - Best Practice 19 (of 19)

CERT Insider Threat Center

Hello, this is Derrick Spooner, Cyber Threat Solutions Engineer for the CERT Program, with the last of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Common Sense Guide to Mitigating Insider Threats - Best Practice 18 (of 19)

CERT Insider Threat Center

Hello, this is Randy Trzeciak, Technical Team Lead of Research in the CERT Insider Threat Center, with the eighteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should...
