SEI Blog | Insider Threathttps://insights.sei.cmu.edu/feeds/topic/insider-threat/atom/?utm_source=blog&utm_medium=rss2024-03-04T00:00:00-05:00Updates on changes and additions to the SEI Blog for posts matching Insider Threat10 Lessons in Security Operations and Incident Management2024-03-04T00:00:00-05:002024-03-04T00:00:00-05:00Robin Rueflehttps://insights.sei.cmu.edu/blog/10-lessons-in-security-operations-and-incident-management/This post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.CERT Releases 2 Tools to Assess Insider Risk2024-02-26T00:00:00-05:002024-02-26T00:00:00-05:00Roger Blackhttps://insights.sei.cmu.edu/blog/cert-releases-2-tools-to-assess-insider-risk/The average insider risk incident costs organizations more than $600,000. To help organizations assess their insider risk programs, the SEI CERT Division has released two tools available for download.The 13 Key Elements of an Insider Threat Program2023-10-23T00:00:00-04:002023-10-23T00:00:00-04:00Daniel Costa, Randall Trzeciakhttps://insights.sei.cmu.edu/blog/the-13-key-elements-of-an-insider-threat-program/COVID-19 changed the nature of the workplace. In this evolving climate, organizations need to be increasingly vigilant against insider incidents. In this post, we present the 13 key elements of an insider threat program.How to Mitigate Insider Threats by Learning from Past Incidents2022-10-31T00:00:00-04:002022-10-31T00:00:00-04:00Daniel Costahttps://insights.sei.cmu.edu/blog/how-to-mitigate-insider-threats-by-learning-from-past-incidents/This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs2021-05-31T00:00:00-04:002021-05-31T00:00:00-04:00Emily Kessel, Sarah Miller, Carrie Gardnerhttps://insights.sei.cmu.edu/blog/potential-implications-of-the-california-consumer-privacy-act-ccpa-for-insider-risk-programs/This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to mitigate concerns before the CCPA takes effect.Benford's Law: Potential Applications for Insider Threat Detection2020-12-17T00:00:00-05:002020-12-17T00:00:00-05:00Emily Kesselhttps://insights.sei.cmu.edu/blog/benfords-law-potential-applications-insider-threat-detection/Learn how a mathematical law may help detect insider activity without the effort of traditional anomaly detection in this informative SEI Blog postInsider Threat Incidents: Assets Targeted by Malicious Insiders2020-09-29T00:00:00-04:002020-09-29T00:00:00-04:00Sarah Millerhttps://insights.sei.cmu.edu/blog/insider-threat-incidents-assets-targeted-by-malicious-insiders/This SEI Blog post details CERT's new taxonomy for targeted assets in insider threat incidents and highlights their latest findings.Highlights from the 7th Annual National Insider Threat Center (NITC) Symposium, Day One2020-09-23T00:00:00-04:002020-09-23T00:00:00-04:00Daniel Costa, Sarah Millerhttps://insights.sei.cmu.edu/blog/highlights-from-the-7th-annual-national-insider-threat-center-nitc-symposium-day-one/This SEI Blog post recaps the first day of the National Insider Threat Symposium, covering proactive approaches to reducing insider incidents.Insider Threat Incidents: Communication Channels2020-09-17T00:00:00-04:002020-09-17T00:00:00-04:00Sarah Miller, Alex Pickeringhttps://insights.sei.cmu.edu/blog/insider-threat-incidents-communication-channels/Learn how to identify risk behaviors and detect insider threats with communication channel monitoring in this informative SEI Blog post.Insider Threat Incidents: Most Commonly Affected Devices2020-09-10T00:00:00-04:002020-09-10T00:00:00-04:00Sarah Miller, Alex Pickeringhttps://insights.sei.cmu.edu/blog/insider-threat-incidents-most-commonly-affected-devices/Learn about the most common devices affected by insider threat incidents and their impact on insider risk management and incident response in this SEI Blog post.Organizational Resilience to Insider Threats2020-09-03T00:00:00-04:002020-09-03T00:00:00-04:00Daniel Costahttps://insights.sei.cmu.edu/blog/organizational-resilience-to-insider-threats/This SEI Blog post explores the activities of the CERT National Insider Threat Center and offers strategies for operational resilience.Functional Requirements for Insider Threat Tool Testing2020-03-19T00:00:00-04:002020-03-19T00:00:00-04:00Robert Ditmore, Derrick Spoonerhttps://insights.sei.cmu.edu/blog/functional-requirements-for-insider-threat-tool-testing/Because of the scope and scale of the insider threat, the SEI recommends that organizations adopt a use-case-based approach to insider risk mitigation....Maturing Your Insider Threat Program into an Insider Risk Management Program2020-01-27T00:00:00-05:002020-01-27T00:00:00-05:00Daniel Costahttps://insights.sei.cmu.edu/blog/maturing-your-insider-threat-program-into-an-insider-risk-management-program/Having trouble clearly stating the scope of your insider threat program? Struggling with measuring the program's effectiveness? Failing to provide actionable intelligence to the program stakeholders?...Anti-Phishing Training: Is It Working? Is It Worth It?2020-01-23T00:00:00-05:002020-01-23T00:00:00-05:00Mike Petockhttps://insights.sei.cmu.edu/blog/anti-phishing-training-is-it-working-is-it-worth-it/Phishing attacks target human, rather than technical, vulnerabilities. Some organizations, companies, government agencies, educational institutions, and individuals put on blinders....Technology Trends in Data Exfiltration2020-01-09T00:00:00-05:002020-01-09T00:00:00-05:00Alex Pickeringhttps://insights.sei.cmu.edu/blog/technology-trends-in-data-exfiltration/One of our goals at the CERT National Insider Threat Center (NITC) is to monitor the shifting landscape of insider threat to identify tools and techniques....Mapping Cyber Hygiene to the NIST Cybersecurity Framework2019-10-30T00:00:00-04:002019-10-30T00:00:00-04:00Matthew Trevorshttps://insights.sei.cmu.edu/blog/mapping-cyber-hygiene-to-the-nist-cybersecurity-framework/In honor of Cybersecurity Awareness Month, I decided to put fingers to keys and share some basic practices that every organization should consider for their cyber hygiene initiatives....Insider Threat Incident Analysis: Court Outcome Observations2019-10-02T00:00:00-04:002019-10-02T00:00:00-04:00Nick Millerhttps://insights.sei.cmu.edu/blog/insider-threat-incident-analysis-court-outcome-observations/In the United States, legal cases may be tried in criminal court or civil court. According to data in the CERT National Insider Threat Center (NITC) incident corpus, the type of court makes a big difference....Improving Insider Threat Detection Methods Through Software Engineering Principles2019-09-20T00:00:00-04:002019-09-20T00:00:00-04:00Daniel Costahttps://insights.sei.cmu.edu/blog/improving-insider-threat-detection-methods-through-software-engineering-principles/Tuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with....7 Guidelines for Being a TRUSTED Penetration Tester2019-09-17T00:00:00-04:002019-09-17T00:00:00-04:00Karen Millerhttps://insights.sei.cmu.edu/blog/7-guidelines-for-being-a-trusted-penetration-tester/The best way to learn is by doing. But when it comes to penetration testing, learners risk legal implications and bad habits if they don't follow ethical, safe procedures....September Is National Insider Threat Awareness Month2019-09-04T00:00:00-04:002019-09-04T00:00:00-04:00Daniel Costahttps://insights.sei.cmu.edu/blog/september-is-national-insider-threat-awareness-month/September 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center....