search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

Cybersecurity Architecture, Part 2: System Boundary and Boundary Protection

Cybersecurity Architecture, Part 2: System Boundary and Boundary Protection

• Insider Threat Blog
Jason Fricke

This post was also authored by Andrew Hoover. In Cybersecurity Architecture, Part 1: Cyber Resilience and Critical Service, we talked about the importance of identifying and prioritizing critical or high-value services and the assets and data that support them. In this post, we'll introduce our approach for reviewing the security of the architecture of information systems that deliver or support these services. We'll also describe our review's first areas of focus: System Boundary and Boundary...

Read More
Challenges Facing Insider Threat Programs and Hub Analysts: Part 1 of 2

Challenges Facing Insider Threat Programs and Hub Analysts: Part 1 of 2

• Insider Threat Blog
Jason W. Clark

The purpose of this two-part blog series is to discuss five challenges that often plague insider threat programs and more specifically the analysts that are working in insider threat hubs. I am in a unique position to discuss this area because I have many years of experience working directly with operational insider threat programs of varying maturity levels. Thus I have a front-row vantage point to understand the challenges that analysts face on a daily...

Read More
Improving Cybersecurity Governance via CSF Activity Clusters

Improving Cybersecurity Governance via CSF Activity Clusters

• Insider Threat Blog
Dan Kambic

The National Institute for Science and Technology (NIST) recently released version 1.1 of its Cybersecurity Framework (CSF). Organizations around the world--including the federal civilian government, by mandate--use the CSF to guide key cybersecurity activities. However, the framework's 108 subcategories can feel daunting. This blog post describes the Software Engineering Institute's recent efforts to group the 108 subcategories into 15 clusters of related activities, making the CSF more approachable for typical organizations. The post also gives...

Read More
Foundational Research Behind Text Analytics for Insider Threat: Part 2 of 3

Foundational Research Behind Text Analytics for Insider Threat: Part 2 of 3

• Insider Threat Blog
Carrie Gardner

In this blog series, I review topics related to deploying a text analytics capability for insider threat mitigation. In this segment, I continue the conversation by disambiguating terminology related to text analysis, summarizing methodological approaches for developing text analytics tools, and justifying how this capability can supplement an existing capability to monitor insider threat risk. In my next post, Acquiring or Deploying a Text Analytics Solution, I will discuss how organizations can think through the...

Read More
4 Technical Methods for Improving Phishing Defense

4 Technical Methods for Improving Phishing Defense

• Insider Threat Blog
Brian Chamberlain

According to the Verizon 2018 Data Breach Investigations Report, email was an attack vector in 96% of incidents and breaches that involved social actions (manipulation of people as a method of compromise). The report also says an average of 4% of people will fall for any given phish, and the more phishing emails they have clicked, the more likely they are to click again. The mantra of "more user training" may be helping with the...

Read More
OCTAVE® FORTE and FAIR Connect Cyber Risk Practitioners with the Boardroom

OCTAVE® FORTE and FAIR Connect Cyber Risk Practitioners with the Boardroom

• Insider Threat Blog
Brett Tucker

Editor's note: This blog post first appeared on the FAIR Institute Blog. Organizations with a mix of cutting-edge technologies and legacy systems need adaptable, agile frameworks that provide executives with a real-time view of cyber risks. They also need tools and processes to ensure that everyone from executives to practitioners practice sound, consistent risk management....

Read More