http://sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Mission Assuranceen-usMon, 31 Oct 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/how-to-mitigate-insider-threats-by-learning-from-past-incidents/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."Dan CostaMon, 31 Oct 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/how-to-mitigate-insider-threats-by-learning-from-past-incidents/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceCyber Risk and Resilience Managementhttps://www.sei.cmu.edu/blog/benfords-law-potential-applications-insider-threat-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn how a mathematical law may help detect insider activity without the effort of traditional anomaly detection in this informative SEI Blog postEmily KesselThu, 17 Dec 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/benfords-law-potential-applications-insider-threat-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/insider-threat-incidents-assets-targeted-by-malicious-insiders/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post details CERT's new taxonomy for targeted assets in insider threat incidents and highlights their latest findings.Sarah MillerTue, 29 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incidents-assets-targeted-by-malicious-insiders/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/highlights-from-the-7th-annual-national-insider-threat-center-nitc-symposium-day-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post recaps the first day of the National Insider Threat Symposium, covering proactive approaches to reducing insider incidents.Dan Costa, Sarah MillerWed, 23 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/highlights-from-the-7th-annual-national-insider-threat-center-nitc-symposium-day-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/insider-threat-incidents-communication-channels/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn how to identify risk behaviors and detect insider threats with communication channel monitoring in this informative SEI Blog post.Sarah Miller, Alex PickeringThu, 17 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incidents-communication-channels/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/insider-threat-incidents-most-commonly-affected-devices/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn about the most common devices affected by insider threat incidents and their impact on insider risk management and incident response in this SEI Blog post.Sarah Miller, Alex PickeringThu, 10 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incidents-most-commonly-affected-devices/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/organizational-resilience-to-insider-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post explores the activities of the CERT National Insider Threat Center and offers strategies for operational resilience.Dan CostaThu, 03 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/organizational-resilience-to-insider-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/functional-requirements-for-insider-threat-tool-testing/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBecause of the scope and scale of the insider threat, the SEI recommends that organizations adopt a use-case-based approach to insider risk mitigation....Bob Ditmore, Derrick SpoonerThu, 19 Mar 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/functional-requirements-for-insider-threat-tool-testing/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/comments-on-nist-ir-8269-a-taxonomy-and-terminology-of-adversarial-machine-learning/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe U.S. National Institute of Standards and Technology (NIST) recently held a public comment period on their draft report on proposed taxonomy and terminology of Adversarial Machine Learning (AML)....Jonathan SpringThu, 13 Feb 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/comments-on-nist-ir-8269-a-taxonomy-and-terminology-of-adversarial-machine-learning/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity VulnerabilitiesCERT/CCAutonomy and Counter-AutonomySoftware and Information AssuranceSystem Verification and ValidationMission Assurancehttps://www.sei.cmu.edu/blog/maturing-your-insider-threat-program-into-an-insider-risk-management-program/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHaving trouble clearly stating the scope of your insider threat program? Struggling with measuring the program's effectiveness? Failing to provide actionable intelligence to the program stakeholders?...Dan CostaMon, 27 Jan 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/maturing-your-insider-threat-program-into-an-insider-risk-management-program/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/technology-trends-in-data-exfiltration/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesOne of our goals at the CERT National Insider Threat Center (NITC) is to monitor the shifting landscape of insider threat to identify tools and techniques....Alex PickeringThu, 09 Jan 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/technology-trends-in-data-exfiltration/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/measuring-resilience-in-artificial-intelligence-and-machine-learning-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesArtificial intelligence (AI) and machine learning (ML) systems are quickly becoming integrated into a wide array of business and military operational environments....Alexander Petrilli, Shing-hon LauThu, 12 Dec 2019 00:00:00 -0500https://www.sei.cmu.edu/blog/measuring-resilience-in-artificial-intelligence-and-machine-learning-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesArtificial Intelligence EngineeringMission AssuranceInsider ThreatArtificial Intelligencehttps://www.sei.cmu.edu/blog/mapping-cyber-hygiene-to-the-nist-cybersecurity-framework/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn honor of Cybersecurity Awareness Month, I decided to put fingers to keys and share some basic practices that every organization should consider for their cyber hygiene initiatives....Matthew TrevorsWed, 30 Oct 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/mapping-cyber-hygiene-to-the-nist-cybersecurity-framework/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceBest PracticesBest Practices in Network Securityhttps://www.sei.cmu.edu/blog/insider-threat-incident-analysis-court-outcome-observations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn the United States, legal cases may be tried in criminal court or civil court. According to data in the CERT National Insider Threat Center (NITC) incident corpus, the type of court makes a big difference....Nick MillerWed, 02 Oct 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incident-analysis-court-outcome-observations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/september-is-national-insider-threat-awareness-month/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSeptember 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center....Dan CostaWed, 04 Sep 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/september-is-national-insider-threat-awareness-month/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesInsider ThreatMission Assurancehttps://www.sei.cmu.edu/blog/patterns-and-trends-in-insider-threats-across-industry-sectors-part-9-of-9-insider-threats-across-industry-sectors/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn previous posts of our series analyzing and summarizing insider incidents across multiple sectors, we presented up-to-date statistics from the CERT National Insider Threat Center (NITC)....Dan CostaThu, 22 Aug 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/patterns-and-trends-in-insider-threats-across-industry-sectors-part-9-of-9-insider-threats-across-industry-sectors/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/mission-thread-analysis-using-end-to-end-data-flows-part-2/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe first blog post in this series provided an overview of the E2E Mission Thread Data Flow Analysis (EMDA) method, an approach that analyzes the flow of data as they traverse end-to-end mission threads through the architecture components....Donald FiresmithMon, 19 Aug 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/mission-thread-analysis-using-end-to-end-data-flows-part-2/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission Assurancehttps://www.sei.cmu.edu/blog/mission-thread-analysis-using-end-to-end-data-flows-part-1/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAlthough the vast majority of military missions require the successful collaboration of multiple cyber-physical systems within an overall system of systems (SoS), almost all system and software architects work on programs developing....Donald FiresmithMon, 05 Aug 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/mission-thread-analysis-using-end-to-end-data-flows-part-1/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission Assurancehttps://www.sei.cmu.edu/blog/cybersecurity-governance-part-1-5-fundamental-challenges/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMost organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems....Seth Swinton, Stephanie HedgesThu, 25 Jul 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/cybersecurity-governance-part-1-5-fundamental-challenges/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware and Information AssuranceMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/keeping-an-eye-out-for-positive-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesWe commonly think about risks having negative consequences. With each month bringing new cybersecurity threats, breaches, and vulnerabilities, sound risk management practices are necessary....Mary Beth ChrissisMon, 01 Jul 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/keeping-an-eye-out-for-positive-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threat