Entries Tagged as 'Insider Threat '

Top 10 Insider Threat Posts

Insider Threat No Comments »

By Greg Shannon
Chief Scientist
CERT Division

Greg ShannonFor two consecutive years, organizations reported that insider crimes caused comparable damage (34 percent) to external attacks (31 percent), according to a recent cybercrime report co-sponsored by the CERT Division at the Carnegie Mellon University Software Engineering Institute. Despite this near parity, media reports of attacks often focus on external attacks and their aftermath, yet an attack can be equally or even more devastating when carried out from within an organization. Insider threats are influenced by a combination of technical, behavioral, and organizational issues and must be addressed by policies, procedures, and technologies. Researchers at the CERT Insider Threat Center define insider threat as actions by an individual who meets the following criteria:

  • a current or former employee, contractor, or business partner who has or has had authorized access to an organization’s network, system, or data
  • and intentionally exceeded or intentionally used that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization’s information or information systems.

Insider threats are influenced by a combination of technical, behavioral, and organizational issues that organizations must address through policies, procedures, and technologies. Insider threats are influenced by a combination of technical, behavioral, and organizational issues and must be addressed by policies, procedures, and technologies. Researchers at the The CERT Insider Threat Center provides analysis and solutions to organizations through partnerships with the U.S. Department of Defense, the U.S. Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. This blog post, the second in a series, introduces the CERT Insider Threat Center blog, which highlights the latest research and security solutions to help organizations protect against insider threat.

Read more...

Software Assurance, Social Networking Tools, Insider Threat, and Risk Analysis—The Latest Research from the SEI

Insider Threat Patterns , Software Assurance , Insider Threat No Comments »

By Douglas C. Schmidt
Principal Researcher

Douglas C. Schmidt As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in software assurance, social networking tools, insider threat, and the Security Engineering Risk Analysis Framework (SERA). This post includes a listing of each report, author(s), and links where the published reports can be accessed on the SEI website.

Read more...

Designing Insider Threat Programs

Insider Threat No Comments »

By Andrew P. Moore
Lead Researcher
CERT Insider Threat Team 

Andrew P. Moore Insider threat is the threat to organization’s critical assets posed by trusted individuals - including employees, contractors, and business partners - authorized to use the organization’s information technology systems. Insider threat programs within an organization help to manage the risks due to these threats through specific prevention, detection, and response practices and technologies. The National Industrial Security Program Operating Manual (NISPOM), which provides baseline standards for the protection of classified information, is considering proposed changes that would require contractors that engage with federal agencies, which process or access classified information, to establish insider threat programs. The proposed changes to the NISPOM were preceded by Executive Order 13587, Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information. Signed by President Obama in September 2011, Executive Order 13587 requires federal agencies that operate or access classified computer networks to implement insider threat detection and prevention programs.

Read more...

The Latest Published Research from the SEI

Agile , Insider Threat No Comments »

By Douglas C. Schmidt
Principal Researcher

Douglas C. SchmidtAs part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in assuring software reliabilityfuture architecturesAgile software teamsinsider threat, and HTML5. This post includes a listing of each report, author(s), and links where the published reports can be accessed on the SEI website. 

Read more...

The Latest Research from the SEI

Acquisition , Insider Threat No Comments »

By Douglas C. Schmidt
Principal Researcher


Douglas C. Schmidt As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in cybersecurity risks,software assuranceadvanced persistent threatinternational insider threat,Wireless Emergency Alerts Servicesecurity and survivability, and acquisition

This post includes a listing of each report, author(s), and links where the published reports can be accessed on the SEI website. 

Read more...