The CERT® Division of the Software Engineering Institute (SEI) at Carnegie Mellon University is proud to announce the creation of the CERT National Insider Threat Center (NITC). The establishment of this center builds on our 16 years of work in the insider threat domain. The NITC allows the SEI to enhance its insider threat work across the Department of Defense, U.S. government, industry, and academia. The Center's expanded capabilities give security practitioners access to insider threat assistance across the domain's lifecycle: research, technical solutions, vulnerability assessments, program development and evaluation, training, tool testing, and assessment licensing.
This post is also authored by Charles M. Wallen.
Tightening an organization's cybersecurity can be very complex, and just purchasing a piece of new hardware or software isn't enough. Instead, you might begin by looking at the most common baseline cyber practices that other organizations use in their cybersecurity programs--their cyber hygiene. This post will introduce fundamental cyber hygiene practices for organizations and help you understand the cyber-risk problem space.
Equifax. Target. The Office of Personnel Management. Each new cyber hack victim has a story that makes the need for cyber risk management more urgent. Any organization hoping to maintain operational resilience during disruption should implement risk management. Unfortunately, that comes with many unknowns: Which risk management framework to use? Is risk management expensive? What's the return on investment? This post will help you guide your organization out of this decision paralysis by introducing the three pillars of an enterprise risk program.
In this blog series, I explained the five actions your organization can take now to ensure its cybersecurity and address the risk of having unsupported software. These five actions work together to protect your organization from cyber attacks when it chooses to keep unsupported software on its network.
You've known this blog as the Insider Threat blog, and this will continue to be your go-to source as we share our findings and explore the impact insider threat has on information technology and human resources practices and policies. Our new, expanded content will cover topics across a more broad spectrum that will continue to include insider threat topics as well as others related to how organizations ensure their resilience against disruptive events like cyberattacks.
Although you can accept the risk of running unsupported software, you should treat it as a temporary strategy. In this post, I discuss the importance of establishing a policy for upgrading, replacing, or retiring unsupported software across the organization.
Software whitelists, part of an organization's software policies, control which applications are permitted to be installed or executed on an organization's devices and network. In this post, I describe how whitelisting and real-time monitoring of log data can reduce the organization's exposure to cyber attack.
In line with its risk management program, an organization might decide to host unsupported applications on its supported or unsupported operating systems. In this post, I describe how organizations should upgrade, replace, or retire unsupported software assets, including operating systems.