Software Engineering Institute

In this paper, the authors focus specifically on the methods that were (1) widely reported to be successfully used on the insider threat problem and (2) incorporated into prominent insider threat behavioral analytics tools. In addition, they emphasize methods that are consistent with baseline tools and capabilities observed in mature insider threat programs. The SEI’s CERT Division is planning a subsequent report about more sophisticated behavioral analytic techniques that can play an important role in future insider threat mitigation.