Hi, this is Dan Klinedinst of the CERT Enterprise Threat and Vulnerability Management team. Recently we've been looking to extend the methodologies from our insider threat research to other sorts of threats. Personally, I'm interested in applying well-known analysis techniques to security data in an automated fashion. The goal is to identify classes of threats and watch how they evolve over time. This analysis will allow organizations to adjust their defenses and resources based on the type of threat they face and the risk it poses to their business or mission.
Hi, this is Bill Claycomb and Alex Nicoll with the final installment of a series on cloud-related insider threats. In this post, we present our conclusion on the current state of cloud-related insider threats and our vision for the future.
Hi, this is Dawn Cappelli, Director of the CERT Insider Threat Center. Last week I had the pleasure of participating in The Insider Threat Awareness Virtual Roundtable webinar, which was sponsored by the DHS Office of Infrastructure Protection. The webinar was moderated by Jon Richeson from DHS, and I was joined by the Supervisory Special Agent from the Insider Threat Investigations Unit of the FBI.
Hi, this is Bill Claycomb and Alex Nicoll with installment 9 of a 10-part series on cloud-related insider threats. In this post, we discuss in detail two final areas of future research for cloud-related insider threats: normal user behavior analysis and policy integration.
Hi, this is Bill Claycomb and Alex Nicoll with installment 8 of a 10-part series on cloud-related insider threats. In this post, we discuss three more areas of future research for cloud-related insider threats: identifying cloud-based indicators of insider threats, virtualization and hypervisors, and awareness and reporting.
Hi, this is Bill Claycomb and Alex Nicoll with installment 7 of a 10-part series on cloud-related insider threats. In this post, we introduce seven proposed directions for cloud-related insider threat research and discuss two of them in detail: socio-technical approaches and predictive models.
Hi, this is Dawn Cappelli of the CERT Insider Threat Center. We always feel proud when we see others recognize our hard work and, better yet, communicate the results of our work to others. SC Magazine, FedTech, Information Week, eWeek, and GovInfoSecurity have all published articles about the work that the CERT Insider Threat Center has done. We've collected excerpts from each here with a link to the complete article so you can take a look.
Hello, this is Todd Lewellen, information systems security analyst for the CERT Insider Threat Center. We recently conducted a cursory search through our MERIT database for case examples across different industry sectors. This search reminded us just how indiscriminately insider attacks can appear throughout public and private sectors. In other words, while certain insider attacks tend to manifest themselves more often in specific industry sectors, no sector is free from the actions of malicious insiders.