icon-carat-right menu search cmu-wordmark

Common Sense Guide to Mitigating Insider Threats, Seventh Edition

Technical Report
The guide describes 22 best practices for mitigating insider threat based on the CERT Division's continued research and analysis of more than 3,000 insider threat cases.
Publisher

Software Engineering Institute

Topic or Tag

Abstract

This seventh edition of the Common Sense Guide to Mitigating Insider Threats provides the SEI’s most current recommendations for mitigating insider threats and managing insider risk. These evidence-based recommendations are based on the empirical research and analysis of 3,000 cases of insider threat.

Misuse of authorized access to an organization’s critical assets is a significant and complex threat that requires a coordinated, proactive, enterprise-wide effort to sufficiently address. This guide describes 22 actionable best practices that organizations can use to mitigate insider threat. Each best practice includes strategies and tactics for quick wins and high-impact solutions, mitigations to minimize implementation challenges and roadblocks, and mappings to notable and relevant security and privacy standards. Each best practice also provides resources for relevant stakeholders: Management, Human Resources, Legal Counsel, Physical Security, Information Technology, Information Security, Data Owners, and Software Engineers.

Cite This Technical Report

Software Engineering Institute (2022, September 7). Common Sense Guide to Mitigating Insider Threats, Seventh Edition. Retrieved December 21, 2024, from https://insights.sei.cmu.edu/library/common-sense-guide-to-mitigating-insider-threats-seventh-edition/.

@techreport{Citekey_2022,
author={Software Engineering Institute},
title={Common Sense Guide to Mitigating Insider Threats, Seventh Edition},
month={{Sep},
year={{2022},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://insights.sei.cmu.edu/library/common-sense-guide-to-mitigating-insider-threats-seventh-edition/},
note={Accessed: 2024-Dec-21}
}

Software Engineering Institute. "Common Sense Guide to Mitigating Insider Threats, Seventh Edition." Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, September 7, 2022. https://insights.sei.cmu.edu/library/common-sense-guide-to-mitigating-insider-threats-seventh-edition/.

Software Engineering Institute, "Common Sense Guide to Mitigating Insider Threats, Seventh Edition," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, 7-Sep-2022 [Online]. Available: https://insights.sei.cmu.edu/library/common-sense-guide-to-mitigating-insider-threats-seventh-edition/. [Accessed: 21-Dec-2024].

Software Engineering Institute. "Common Sense Guide to Mitigating Insider Threats, Seventh Edition." Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 7 Sep. 2022. https://insights.sei.cmu.edu/library/common-sense-guide-to-mitigating-insider-threats-seventh-edition/. Accessed 21 Dec. 2024.

Software Engineering Institute. Common Sense Guide to Mitigating Insider Threats, Seventh Edition. Software Engineering Institute. 2022. https://insights.sei.cmu.edu/library/common-sense-guide-to-mitigating-insider-threats-seventh-edition/