search menu icon-carat-right cmu-wordmark

SEI Publishes The CERT Guide to Insider Threats Book

Press Release

Pittsburgh, Pa., February 27, 2012— The Carnegie Mellon Software Engineering Institute (SEI) announced the publication of The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) by Addison-Wesley Professional. The book covers the CERT® Insider Threat Center’s extensive research over the past 10 years collecting and analyzing information about more than 700 insider cybercrimes, ranging from national security espionage to theft of trade secrets.

Authors Dawn Cappelli, Andrew Moore, and Randall Trzeciak systematically address attacks by all types of malicious insiders, including current and former employees, contractors, business partners, outsourcers, and even cloud-computing vendors. They cover three major types of insider cybercrime: IT sabotage, intellectual property theft, and fraud.

Part of the SEI Series in Software Engineering from Addison Wesley, the book offers specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization. “Insider threat is more than just a technical problem,” says Cappelli, technical manager of Enterprise Threat and Vulnerability Management at the CERT Insider Threat Center. “It’s a broad problem across all levels of an organization that involves technical staff as well as operational staff.”

“We believe that the most effective way to address insider threats is not solely by technical controls, it needs to be enterprise-wide,” says Trzeciak, technical team lead of the Insider Threat Research team. “The book shares actionable recommendations for the entire organization, from executive management and board members to IT, data owners, HR, and legal departments."

The CERT Insider Threat Center’s 10 years of research is consolidated into nine chapters understandable by technical and non-technical readers alike. The book explains how to

identify hidden      signs of insider IT sabotage, theft of sensitive information, and fraud

recognize insider      threats throughout the software development life cycle

use advanced      threat controls to resist attacks by both technical and nontechnical      insiders

increase the      effectiveness of existing technical security tools by enhancing rules,      configurations, and associated business processes

prepare for      unusual insider attacks, including attacks linked to organized crime or      the Internet underground

The CERT Guide to Insider Threats book is available for purchase now at Addison-Wesley’s InformIT website at

About the Carnegie Mellon Software Engineering Institute and the CERT Program

The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI helps organizations make measurable improvements in their software engineering capabilities by providing technical leadership to advance the practice of software engineering. For more information, visit the SEI website at The CERT Program serves as a center of enterprise and network security research, analysis, and training within the Software Engineering Institute. For more information, visit the CERT website at