Insider Threat Attributes and Mitigation Strategies
• Technical Note
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2013-TN-018DOI (Digital Object Identifier)
10.1184/R1/6574451.v1Topic or Tag
Abstract
Malicious insiders pose a threat to the confidentiality, integrity, and availability of an organization's information. Many organizations look for hardware and software solutions that address insider threats but are unsure of what characteristics to look for in a product. This technical note presents seven common attributes of insider threat cases, excluding espionage, drawn from the CERT® Division's database. The note maps the seven attributes to characteristics insider threat products should possess in order to detect, prevent, or mitigate the threat. None of these attributes alone can identify a malicious insider. Rather, each attribute is one of many data points that an organization should consider when implementing an insider threat program.
Cite This Technical Note
Silowash, G. (2013, July 1). Insider Threat Attributes and Mitigation Strategies. (Technical Note CMU/SEI-2013-TN-018). Retrieved December 22, 2024, from https://doi.org/10.1184/R1/6574451.v1.
@techreport{silowash_2013,
author={Silowash, George},
title={Insider Threat Attributes and Mitigation Strategies},
month={{Jul},
year={{2013},
number={{CMU/SEI-2013-TN-018},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6574451.v1},
note={Accessed: 2024-Dec-22}
}
Silowash, George. "Insider Threat Attributes and Mitigation Strategies." (CMU/SEI-2013-TN-018). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, July 1, 2013. https://doi.org/10.1184/R1/6574451.v1.
G. Silowash, "Insider Threat Attributes and Mitigation Strategies," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2013-TN-018, 1-Jul-2013 [Online]. Available: https://doi.org/10.1184/R1/6574451.v1. [Accessed: 22-Dec-2024].
Silowash, George. "Insider Threat Attributes and Mitigation Strategies." (Technical Note CMU/SEI-2013-TN-018). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Jul. 2013. https://doi.org/10.1184/R1/6574451.v1. Accessed 22 Dec. 2024.
Silowash, George. Insider Threat Attributes and Mitigation Strategies. CMU/SEI-2013-TN-018. Software Engineering Institute. 2013. https://doi.org/10.1184/R1/6574451.v1