Software Engineering Institute

This collection of assets from the CERT National Insider Threat Center is intended to help organizations understand the special set of insider threat risks present during pandemic conditions. Many employees will be under unusual stress, such as loss of work and personal challenges, and abnormal working conditions, such as working from home. These factors, plus the technical challenges of a remote workforce, can contribute to increased unintentional and malicious insider incidents. Organizations can consult the assets in this collection for information on these risks and strategies for their mitigation.

In the Common Sense Guide to Mitigating Insider Threats, the following best practices are particularly relevant:

• Practice 5: Anticipate and manage negative issues in the work environment.
• Practice 8: Structure management and tasks to minimize insider stress and mistakes.
• Practice 9: Incorporate malicious and unintentional insider threat awareness into periodic security training for all employees.
• Practice 12: Deploy solutions for monitoring employee actions and correlating information from multiple data sources.
• Practice 13: Monitor and control remote access from all end points, including mobile devices.
• Practice 19: Close the doors to unauthorized data exfiltration.
• Practice 21: Adopt positive incentives to align the workforce with the organization.

The Insider Threat Blog also has relevant material:

• Maturing Your Insider Threat Program into an Insider Risk Management Program
• Anti-Phishing Training: Is It Working? Is It Worth It?
• 4 Technical Methods for Improving Phishing Defense