Archive: 2017-01

The sixth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 6: Consider threats from insiders and business partners in enterprise-wide risk assessments. In this post, I discuss the importance of developing a comprehensive, risk-based security strategy to prevent, detect, and respond to insider threats, including those caused by business partners that are given authorized access.

The fifth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 5: Anticipate and manage negative issues in the work environment. In this post, I discuss the importance of understanding organizational issues that may cause employee disgruntlement, being proactive, and identifying and responding to concerning behaviors in the workplace.

The fourth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 4: Beginning with the hiring process, monitor and respond to suspicious or disruptive behavior. In this post, I discuss the importance of early identification of suspicious and disruptive behavior in the workplace to mitigate potential insider threats.

The third practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 3: Clearly document and consistently enforce policies and controls. In this post, I discuss the importance of having consistent and articulated policies and controls in place within your organization.

We at the CERT Insider Threat Center are proud to announce the release of the fifth edition of the Common Sense Guide to Mitigating Insider Threats (CSG). This edition of our best practice guide is based on our significantly expanded corpus of more than 1,000 insider threat incidents and our continued research and analysis. This edition covers new technologies and new threats.

Our researchers have spent over a decade at the CERT Division exploring, developing, and analyzing operational resilience as a way to not just manage risks, but to achieve mission assurance. Resilience has been codified in our CERT-Resilience Management Model (CERT-RMM), which is a maturity framework of best practices across security, business continuity, and information technology operations focused on an organization's critical assets.

Each year, the CERT Division of the SEI collaborates with CSO Magazine to develop a State of Cybercrime report. These reports are based on surveys of approximately 400 organizations across the country, ranging in size from less than 100 employees to over 10,000.