search menu icon-carat-right cmu-wordmark

Archive: 2013

Theft of Intellectual Property by Insiders

Theft of Intellectual Property by Insiders

• Insider Threat Blog
CERT Insider Threat Center

This is Matt Collins, Insider Threat Researcher at the CERT Insider Threat Center. In this post, I cover statistics related to a group of cases in the CERT Division's insider threat database related to the theft of intellectual property (IP). The CERT database was started in 2001 and contains insider threat cases that can be categorized into one of four groupings: Fraud Sabotage Theft of Intellectual Property (IP) Miscellaneous Today I'm discussing cases in our...

Read More
Analyzing Insider Threat Data in the MERIT Database

Analyzing Insider Threat Data in the MERIT Database

• Insider Threat Blog
CERT Insider Threat Center

Greetings! This is Matt Collins, an insider threat researcher with the CERT Insider Threat Center. In this post I describe some of the types of insider incident data we record in our Management and Education of the Risk of Insider Threat (MERIT) database. The CERT Insider Threat Center began recording cases of insider threat in 2001. To date we've recorded over 800 incidents using publicly available information. Those 800 plus cases span the years 1995...

Read More
The Latest CERT Research of Unintentional Insider Threats: Social Engineering

The Latest CERT Research of Unintentional Insider Threats: Social Engineering

• Insider Threat Blog
CERT Insider Threat Center

Hello, I'm David Mundie, a CERT cybersecurity researcher. This post is about the research CERT is doing on unintentional insider threats, in particular social engineering. Earlier this year, the CERT Division's Insider Threat Team published the report Unintentional Insider Threats: A Foundational Study that documents results of a study of unintentional insider threats (UIT), which was sponsored by the Department of Homeland Security Federal Network Resilience (FNR). Following the success of that report, we on...

Read More
Seven Ways Insider Threat Products Can Protect Your Organization

Seven Ways Insider Threat Products Can Protect Your Organization

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Division. Organizations may be searching for products that address insider threats but have no real way of knowing if a product will meet their needs. In the recently released report, Insider Threat Attributes and Mitigation Strategies, I explore the top seven attributes that insider threat cases have according to our database of over 700 insider incidents. These attributes can be used...

Read More
A Multi-Dimensional Approach to Insider Threat

A Multi-Dimensional Approach to Insider Threat

• Insider Threat Blog
CERT Insider Threat Center

This is Dave Mundie, senior member of the technical staff in the CERT Division. Previous SEI blog posts ("Protecting Against Insider Threats with Enterprise Architecture Patterns" and "Effectiveness of a Pattern for Preventing Theft by Insiders") have described the the pattern language for insider threat that my colleague Andrew Moore and I have been developing. This pattern language consists of 26 mitigation patterns derived from the examination of more than 700 insider threat cases in...

Read More
Unintentional Insider Threats: The Non-Malicious Within

Unintentional Insider Threats: The Non-Malicious Within

• Insider Threat Blog
CERT Insider Threat Center

Hello, I'm David Mundie, a CERT cybersecurity researcher. This post is about the research CERT is doing on the unintentional insider threat. Organizations often suffer from individuals who have no ill will or malicious motivation, but whose actions cause harm. The CERT Insider Threat Center conducts work, sponsored by the Department of Homeland Security's Federal Network Resiliency Division, that examines such cases. We call this category of individuals the "unintentional insider threat" (UIT)....

Read More
Attend Our Insider Threat Webinar

Attend Our Insider Threat Webinar

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Randy Trzeciak, Technical Manager of the Enterprise Threat and Vulnerability Management team in the CERT Division. On Thursday, August 8, the SEI is hosting the webinar Managing the Insider Threat: What Every Organization Should Know. Join me and my colleagues as we discuss insider threat challenges that organizations face today....

Read More
Controlling the Malicious Use of USB Media

Controlling the Malicious Use of USB Media

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Division of the Software Engineering Institute. Earlier this year, we released the report Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources. In this report, we discuss the challenges universal serial bus (USB) flash drives present to organizations, especially those concerned with protecting their intellectual property....

Read More
How Ontologies Can Help Build a Science of Cybersecurity

How Ontologies Can Help Build a Science of Cybersecurity

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is David Mundie, a Senior Member of the Technical Staff in the CERT Program. The term "science of cybersecurity" is a popular one in our community these days. For some time now I have advocated ontologies and controlled vocabularies as an approach to building such a science. I am fond of citing the conclusion of the Jason Report, that the most important step towards a "science of cybersecurity "would be the construction of...

Read More
CERT Insider Threat Events at the RSA Conference

CERT Insider Threat Events at the RSA Conference

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Dawn Cappelli, Director of the CERT Insider Threat Center. The RSA Conference is rapidly approaching, and since many of you will likely be there, I thought I'd let you know how to find us there. Also, if you would like to get together to discuss insider threat while you're there please email us at insider-threat-feedback@cert.org this week and we'll make arrangements to meet....

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 19 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 19 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Derrick Spooner, Cyber Threat Solutions Engineer for the CERT Program, with the last of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 18 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 18 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Randy Trzeciak, Technical Team Lead of Research in the CERT Insider Threat Center, with the eighteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 17 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 17 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Daniel Costa, Cyber Security Solutions Developer for the CERT Program, with the seventeenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 16 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 16 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst and Lori Flynn, Insider Threat Researcher for the CERT Program, with the sixteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 15 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 15 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Randy Trzeciak, Technical Team Lead of Research in the CERT Insider Threat Center, with the fifteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 14 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 14 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Eleni Tsamitis, Insider Threat Administrator for the CERT Program, with the fourteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 13 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 13 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Ying Han, Graduate Research Assistant of the CERT Enterprise Threat and Vulnerability Management team, with the thirteenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 12 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 12 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Sam Perl, Cybersecurity Analyst for the CERT Program, with the twelfth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise to...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 11 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 11 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Todd Lewellen, Cybersecurity Threat and Incident Analyst for the CERT Program, with the eleventh of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 10 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 10 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Marcus Smith, a graduate assistant for the CERT Program, with the tenth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 9 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 9 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Mike Albrethsen, Information Systems Security Analyst for the CERT Program, with the ninth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 8 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 8 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Jeremy Strozer, Senior Cyber Security Specialist for the CERT Program, with the eighth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 7 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 7 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hi, this is Chris King, Member of the Technical Staff for the CERT Program, with the seventh of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 6 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 6 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Jason Clark, Insider Threat Researcher for the CERT Program, with the sixth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 5 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 5 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Derrick Spooner, Cyber Threat Solutions Engineer for the CERT Program, with the fifth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 4 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 4 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Carly Huth, Insider Threat Researcher for the CERT Program, with the fourth of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 3 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 3 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Daniel Costa, Cyber Security Solutions Developer for the CERT Program, with the third of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 2 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 2 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is Randy Trzeciak, Technical Team Lead of Insider Threat Research for the CERT Program, with the second of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should...

Read More
Common Sense Guide to Mitigating Insider Threats - Best Practice 1 (of 19)

Common Sense Guide to Mitigating Insider Threats - Best Practice 1 (of 19)

• Insider Threat Blog
CERT Insider Threat Center

Hello, this is George J. Silowash, Cybersecurity Threat and Incident Analyst for the CERT Program, with the first of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats. In the coming weeks, my colleagues and I in the CERT Insider Threat Center will, in a series of blog posts, introduce this edition of the guide by presenting each recommended practice in...

Read More