How to Mitigate Insider Threats by Learning from Past Incidents
This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, “Learn from Past Insider Threat Incidents.”
Read MoreCategory: CERT Insider Threats
Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs
This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to mitigate...
Read MoreWindows Event Logging for Insider Threat Detection
In this post, I continue my discussion on potential low-cost solutions to mitigate insider threats for smaller organizations or new insider threat programs….
Read MoreHigh-Level Technique for Insider Threat Program’s Data Source Selection
This blog discusses an approach that the CERT Division’s National Insider Threat Center developed to assist insider threat programs develop, validate, implement, and share potential insider threat risk indicators...
Read MoreKeeping an Eye Out for Positive Risk
We commonly think about risks having negative consequences. With each month bringing new cybersecurity threats, breaches, and vulnerabilities, sound risk management practices are necessary….
Read MoreCybersecurity Governance, Part 1: 5 Fundamental Challenges
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems….
Read MorePatterns and Trends in Insider Threats Across Industry Sectors (Part 9 of 9: Insider Threats Across Industry Sectors)
In previous posts of our series analyzing and summarizing insider incidents across multiple sectors, we presented up-to-date statistics from the CERT National Insider Threat Center (NITC)….
Read MoreSeptember Is National Insider Threat Awareness Month
September 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center….
Read More7 Guidelines for Being a TRUSTED Penetration Tester
The best way to learn is by doing. But when it comes to penetration testing, learners risk legal implications and bad habits if they don’t follow ethical, safe procedures….
Read MoreImproving Insider Threat Detection Methods Through Software Engineering Principles
Tuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with….
Read MoreInsider Threat Incident Analysis: Court Outcome Observations
In the United States, legal cases may be tried in criminal court or civil court. According to data in the CERT National Insider Threat Center (NITC) incident corpus, the type of court makes a big difference….
Read MoreMapping Cyber Hygiene to the NIST Cybersecurity Framework
In honor of Cybersecurity Awareness Month, I decided to put fingers to keys and share some basic practices that every organization should consider for their cyber hygiene initiatives….
Read More