search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

Improving Cybersecurity Governance via CSF Activity Clusters

Improving Cybersecurity Governance via CSF Activity Clusters

• Insider Threat Blog
Dan Kambic

The National Institute for Science and Technology (NIST) recently released version 1.1 of its Cybersecurity Framework (CSF). Organizations around the world--including the federal civilian government, by mandate--use the CSF to guide key cybersecurity activities. However, the framework's 108 subcategories can feel daunting. This blog post describes the Software Engineering Institute's recent efforts to group the 108 subcategories into 15 clusters of related activities, making the CSF more approachable for typical organizations. The post also gives...

Read More
Foundational Research Behind Text Analytics for Insider Threat: Part 2 of 3

Foundational Research Behind Text Analytics for Insider Threat: Part 2 of 3

• Insider Threat Blog
Carrie Gardner

In this blog series, I review topics related to deploying a text analytics capability for insider threat mitigation. In this segment, I continue the conversation by disambiguating terminology related to text analysis, summarizing methodological approaches for developing text analytics tools, and justifying how this capability can supplement an existing capability to monitor insider threat risk. In my next post, Acquiring or Deploying a Text Analytics Solution, I will discuss how organizations can think through the...

Read More
4 Technical Methods for Improving Phishing Defense

4 Technical Methods for Improving Phishing Defense

• Insider Threat Blog
Brian Chamberlain

According to the Verizon 2018 Data Breach Investigations Report, email was an attack vector in 96% of incidents and breaches that involved social actions (manipulation of people as a method of compromise). The report also says an average of 4% of people will fall for any given phish, and the more phishing emails they have clicked, the more likely they are to click again. The mantra of "more user training" may be helping with the...

Read More
OCTAVE® FORTE and FAIR Connect Cyber Risk Practitioners with the Boardroom

OCTAVE® FORTE and FAIR Connect Cyber Risk Practitioners with the Boardroom

• Insider Threat Blog
Brett Tucker

Editor's note: This blog post first appeared on the FAIR Institute Blog. Organizations with a mix of cutting-edge technologies and legacy systems need adaptable, agile frameworks that provide executives with a real-time view of cyber risks. They also need tools and processes to ensure that everyone from executives to practitioners practice sound, consistent risk management....

Read More
Navigating the Insider Threat Tool Landscape

Navigating the Insider Threat Tool Landscape

• Insider Threat Blog
Derrick Spooner

Mitigating insider threats is a multifaceted challenge that involves the collection and analysis of data to identify threat posed by many different employee types (such as full-time, part-time, or contractors) with authorized access to assets such as people, information, technology, and facilities. The landscape of software and tools designed to aid in this process is almost as wide and varied as the problem itself, which leaves organizations with the challenge of understanding not only the...

Read More
Cybersecurity Architecture, Part 1: Cyber Resilience and Critical Service

Cybersecurity Architecture, Part 1: Cyber Resilience and Critical Service

• Insider Threat Blog
Andrew Hoover

In our cyber resilience assessments at the CERT Division of the SEI, we often find that organizations struggle with several fundamentals of cybersecurity management. Specifically, organizations have trouble identifying what critical assets need to be protected and then implementing specific cyber architecture controls, such as network segmentation and boundary protection, to protect them. This post will be the first in a series focusing on common weaknesses in organizational cybersecurity architecture. This initial post focuses on...

Read More