search menu icon-carat-right cmu-wordmark

Insider Threat Blog

Real-World Work Combating Insider Threats

Latest Posts

Cybersecurity Performance: 8 Indicators

Cybersecurity Performance: 8 Indicators

• Insider Threat Blog
Summer Fowler

Since 1988's Morris Worm, which infected 10% of the estimated 60,000 computers connected to the internet, cybersecurity has grown into an industry expected to exceed $1 trillion in global spending between 2017 and 2021. Cybercrime will cost the global business market an estimated average of $6 trillion annually through the same time frame! So how do we spend just enough money on cybersecurity to be resilient and achieve our business objectives despite disruptive events like...

Read More
CryptoDNS--Should We Worry?

CryptoDNS--Should We Worry?

• Insider Threat Blog
Matthew Mackie

By Matt Mackie When the Internet was still ARPANET, hostnames were converted to numerical addresses using a hosts.txt file stored locally on each computer. This system evolved into today's hierarchical domain name system (DNS). Namecoin is a new--and old--alternative to DNS: it relies on a locally stored file, like the hosts.txt file, but the file is a blockchain, similar to that used in Bitcoin financial transactions. This cryptoDNS offers anonymity, security, and resistance to censorship--features...

Read More
Why Is Measurement So Hard?

Why Is Measurement So Hard?

• Insider Threat Blog
Katie C. Stewart

Developing security metrics within an organization is an ongoing challenge. Organizations want to know "Am I secure enough?" While this is the common question, it lacks context. Organizations vary in size, mission, risk appetites, and budget for security. There is no "one size fits all" for security metrics....

Read More
CERT NITC Insider Threat Program Manager Certificate

CERT NITC Insider Threat Program Manager Certificate

• Insider Threat Blog
Robin M. Ruefle

Increasingly, organizations, including the federal government and industry, are recognizing the need to counter insider threats and are doing it through specially focused teams. The CERT Division National Insider Threat Center (NITC) offers an Insider Threat Program Manager certificate to help organizations build such teams and supports programs that are flexible, based on best practices, and tailored to the unique circumstances of individual organizations....

Read More
Head in the Clouds

Head in the Clouds

• Insider Threat Blog
Matthew Butkovic

The transition from on-premises information systems to cloud services represents a significant, and sometimes uncomfortable, new way of working for organizations. Establishing meaningful Service Level Agreements (SLAs) and monitoring the security performance of cloud service providers are two significant challenges. This post proposes that a process- and data-driven approach would alleviate these concerns and produce high-quality SLAs that reduce risk and increase transparency....

Read More
7 Considerations for Cyber Risk Management

7 Considerations for Cyber Risk Management

• Insider Threat Blog
David Tobar

Each year brings new cybersecurity threats, breaches, and previously unknown vulnerabilities in established systems. Even with unprecedented vulnerabilities such as Spectre and Meltdown, the approach to dealing with the risks they pose is the same as ever: sound risk management with systematic processes to assess and respond to risks. This post offers seven considerations for cyber risk management....

Read More
CERT Insider Threat Vulnerability Assessments, ITVA Training Course, and ITVA Certificate Program

CERT Insider Threat Vulnerability Assessments, ITVA Training Course, and ITVA Certificate Program

• Insider Threat Blog
Mark T. Zajicek

The CERT National Insider Threat Center (NITC) has been researching insider threats since 2001. In this blog post, we provide an overview of the CERT Insider Threat Vulnerability Assessment methodology, the CERT Insider Threat Vulnerability Assessor (ITVA) Training course, and the CERT Insider Threat Vulnerability Assessor Certificate program....

Read More
How to Get the Most Out of Penetration Testing

How to Get the Most Out of Penetration Testing

• Insider Threat Blog
Michael Cook

There are many reasons for an organization to perform a penetration test of its information systems: to meet compliance standards, test a security team's capabilities, or determine the effectiveness of controls, to name a few. A badly scoped or poorly executed penetration test might do nothing more than validate known vulnerabilities, easily identified by software, or reiterate the efficacy of social engineering. However, with some preparation and engagement on the part of the consumer, a...

Read More