search menu icon-carat-right cmu-wordmark

Archive: September 2020

Insider Threat Incidents: Communication Channels

Insider Threat Incidents: Communication Channels

• Insider Threat Blog
Sarah Miller

This post was co-authored by Alex Pickering. The CERT National Insider Threat Center collects, categorizes, and analyzes technical insider incidents--those in which the insider used technology--to monitor the evolving insider threat landscape. In a previous blog post, we reviewed the devices that are affected in insider threat incidents. In this post, we categorize incidents by the channels insiders use to communicate with their co-conspirators as they plan, attack, or conceal their attack on an organization....

Read More
Insider Threat Incidents: Most Commonly Affected Devices

Insider Threat Incidents: Most Commonly Affected Devices

• Insider Threat Blog
Sarah Miller

This post was co-authored by Alex Pickering. At the CERT National Insider Threat Center, we collect, analyze, and categorize insider incidents to populate our CERT Insider Threat Incident Corpus and monitor the evolving insider threat landscape. We recently expanded our taxonomy to classify the devices that insiders affect. This post will discuss the types of devices affected by insider threat incidents and how they impact insider risk management and incident response....

Read More
Organizational Resilience to Insider Threats

Organizational Resilience to Insider Threats

• Insider Threat Blog
Daniel Costa

This September is the federal government's second annual insider threat awareness month, and this year's theme is resilience. The SEI has a significant body of research in resilience, and in the CERT National Insider Threat Center, we apply many of the principles and best practices for resilience to the insider threat problem. In this blog post, we will discuss the relationship between resilience and insider threat, discuss how to make organizations operationally resilient to insider...

Read More