This post was co-authored by Alex Pickering. The CERT National Insider Threat Center collects, categorizes, and analyzes technical insider incidents–those in which the insider used technology–to monitor the evolving...
Read MoreThis post was co-authored by Alex Pickering.At the CERT National Insider Threat Center, we collect, analyze, and categorize insider incidents to populate our CERT Insider Threat Incident Corpus and monitor the evolving insider...
Read MoreThis September is the federal government’s second annual insider threat awareness month, and this year’s theme is resilience. The SEI has a significant body of research in resilience, and in the CERT National Insider...
Read MoreDerrick Spooner co-authored this post. Because of the scope and scale of the insider threat, the SEI recommends that organizations adopt a use-case-based approach to insider risk mitigation. In such an approach, organizations...
Read MoreHaving trouble clearly stating the scope of your insider threat program? Struggling with measuring the program’s effectiveness? Failing to provide actionable intelligence to the program stakeholders? Lacking consensus...
Read MorePhishing attacks target human, rather than technical, vulnerabilities. Some organizations, companies, government agencies, educational institutions, and individuals put on blinders and hope it doesn’t happen to them....
Read MoreOne of our goals at the CERT National Insider Threat Center (NITC) is to monitor the shifting landscape of insider threat to identify tools and techniques insiders may use to harm to their organization. Our expanding repository...
Read MoreShing-Hon Lau co-authored this post. Artificial intelligence (AI) and machine learning (ML) systems are quickly becoming integrated into a wide array of business and military operational environments. Organizations should ensure...
Read MoreIn honor of Cybersecurity Awareness Month, I decided to put fingers to keys and share some basic practices that every organization should consider for their cyber hygiene initiatives. This blog post will describe a process to...
Read MoreThis blog post was co-authored by Jason Fricke. Ransomware poses a growing threat to both businesses and government agencies. Though no strategy can fully eliminate these risks, this post provides recommendations, and links to...
Read MoreIn the United States, legal cases may be tried in criminal court or civil court. According to data in the CERT National Insider Threat Center (NITC) incident corpus, the type of court makes a big difference in the legal outcomes...
Read MoreTuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with. Our work helping organizations with their insider threat programs has...
Read More