SEI Insights

Insider Threat Blog

Real-World Work Combating Insider Threats

Hello, I'm David Mundie, a CERT cybersecurity researcher. This post is about the research CERT is doing on the unintentional insider threat. Organizations often suffer from individuals who have no ill will or malicious motivation, but whose actions cause harm. The CERT Insider Threat Center conducts work, sponsored by the Department of Homeland Security's Federal Network Resiliency Division, that examines such cases. We call this category of individuals the "unintentional insider threat" (UIT).

Hi, this is Randy Trzeciak, Technical Manager of the Enterprise Threat and Vulnerability Management team in the CERT Division. On Thursday, August 8, the SEI is hosting the webinar Managing the Insider Threat: What Every Organization Should Know. Join me and my colleagues as we discuss insider threat challenges that organizations face today.

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Division of the Software Engineering Institute. Earlier this year, we released the report Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources. In this report, we discuss the challenges universal serial bus (USB) flash drives present to organizations, especially those concerned with protecting their intellectual property.

Hello, this is David Mundie, a Senior Member of the Technical Staff in the CERT Program. The term "science of cybersecurity" is a popular one in our community these days. For some time now I have advocated ontologies and controlled vocabularies as an approach to building such a science. I am fond of citing the conclusion of the Jason Report, that the most important step towards a "science of cybersecurity" would be "the construction of a common language and a set of basic concepts about which the security community can develop a shared understanding," or in other words, an ontology.

Hi, this is Dawn Cappelli, Director of the CERT Insider Threat Center. The RSA Conference is rapidly approaching, and since many of you will likely be there, I thought I'd let you know how to find us there. Also, if you would like to get together to discuss insider threat while you're there, please email us at insider-threat-feedback@cert.org this week and we'll make arrangements to meet.

Hello, this is Derrick Spooner, Cyber Threat Solutions Engineer for the CERT Program, with the last of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats.

The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise to mitigate (prevent, detect, and respond to) insider threats, as well as case studies of organizations that failed to do so. The last of the 19 best practices follows.

Hello, this is Randy Trzeciak, Technical Team Lead of Research in the CERT Insider Threat Center, with the eighteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats.

The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise to mitigate (prevent, detect, and respond to) insider threats, as well as case studies of organizations that failed to do so. The eighteenth of the 19 best practices follows.

Hello, this is Daniel Costa, Cyber Security Solutions Developer for the CERT Program, with the seventeenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats.

The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise to mitigate (prevent, detect, and respond to) insider threats, as well as case studies of organizations that failed to do so. The seventeenth of the 19 best practices follows.