http://sei.cmu.edu/feeds/topic/insider-threat/atom/?utm_source=blog&utm_medium=rss2025-02-03T00:00:00-05:00Updates on changes and additions to the SEI Blog for posts matching Insider Threat2025-02-03T00:00:00-05:002025-02-03T00:00:00-05:00Austin Whisnanthttps://www.sei.cmu.edu/blog/introducing-the-insider-incident-data-exchange-standard-iides/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Capturing and sharing information about insider incidents is a challenge. This post introduces the Insider Incident Data Exchange Standard (IIDES) schema for insider incident data collection.

2024-09-23T00:00:00-04:002024-09-23T00:00:00-04:00Andrew Moorehttps://www.sei.cmu.edu/blog/a-roadmap-for-incorporating-positive-deterrence-in-insider-risk-management/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Positive deterrence reduces insider risk through workforce practices that promote the mutual interests of employees and their organization.

2024-03-04T00:00:00-05:002024-03-04T00:00:00-05:00Robin Rueflehttps://www.sei.cmu.edu/blog/10-lessons-in-security-operations-and-incident-management/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

This post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.

2024-02-26T00:00:00-05:002024-02-26T00:00:00-05:00Roger Blackhttps://www.sei.cmu.edu/blog/cert-releases-2-tools-to-assess-insider-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

The average insider risk incident costs organizations more than $600,000. To help organizations assess their insider risk programs, the SEI CERT Division has released two tools available for download.

2023-10-23T00:00:00-04:002023-10-23T00:00:00-04:00Dan Costa, Randall Trzeciakhttps://www.sei.cmu.edu/blog/the-13-key-elements-of-an-insider-threat-program/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

COVID-19 changed the nature of the workplace. In this evolving climate, organizations need to be increasingly vigilant against insider incidents. In this post, we present the 13 key elements of an insider threat program.

2022-10-31T00:00:00-04:002022-10-31T00:00:00-04:00Dan Costahttps://www.sei.cmu.edu/blog/how-to-mitigate-insider-threats-by-learning-from-past-incidents/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

This post summarizes a new best practice added to the new 7th edition of the Common Sense Guide to Mitigating Insider Threats, "Learn from Past Insider Threat Incidents."

2021-05-31T00:00:00-04:002021-05-31T00:00:00-04:00Emily Kessel, Sarah Miller, Carrie Gardnerhttps://www.sei.cmu.edu/blog/potential-implications-of-the-california-consumer-privacy-act-ccpa-for-insider-risk-programs/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to mitigate concerns before the CCPA takes effect.

2020-12-17T00:00:00-05:002020-12-17T00:00:00-05:00Emily Kesselhttps://www.sei.cmu.edu/blog/benfords-law-potential-applications-insider-threat-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Learn how a mathematical law may help detect insider activity without the effort of traditional anomaly detection in this informative SEI Blog post

2020-09-29T00:00:00-04:002020-09-29T00:00:00-04:00Sarah Millerhttps://www.sei.cmu.edu/blog/insider-threat-incidents-assets-targeted-by-malicious-insiders/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

This SEI Blog post details CERT's new taxonomy for targeted assets in insider threat incidents and highlights their latest findings.

2020-09-23T00:00:00-04:002020-09-23T00:00:00-04:00Dan Costa, Sarah Millerhttps://www.sei.cmu.edu/blog/highlights-from-the-7th-annual-national-insider-threat-center-nitc-symposium-day-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

This SEI Blog post recaps the first day of the National Insider Threat Symposium, covering proactive approaches to reducing insider incidents.

2020-09-17T00:00:00-04:002020-09-17T00:00:00-04:00Sarah Miller, Alex Pickeringhttps://www.sei.cmu.edu/blog/insider-threat-incidents-communication-channels/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Learn how to identify risk behaviors and detect insider threats with communication channel monitoring in this informative SEI Blog post.

2020-09-10T00:00:00-04:002020-09-10T00:00:00-04:00Sarah Miller, Alex Pickeringhttps://www.sei.cmu.edu/blog/insider-threat-incidents-most-commonly-affected-devices/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Learn about the most common devices affected by insider threat incidents and their impact on insider risk management and incident response in this SEI Blog post.

2020-09-03T00:00:00-04:002020-09-03T00:00:00-04:00Dan Costahttps://www.sei.cmu.edu/blog/organizational-resilience-to-insider-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

This SEI Blog post explores the activities of the CERT National Insider Threat Center and offers strategies for operational resilience.

2020-03-19T00:00:00-04:002020-03-19T00:00:00-04:00Bob Ditmore, Derrick Spoonerhttps://www.sei.cmu.edu/blog/functional-requirements-for-insider-threat-tool-testing/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Because of the scope and scale of the insider threat, the SEI recommends that organizations adopt a use-case-based approach to insider risk mitigation....

2020-01-27T00:00:00-05:002020-01-27T00:00:00-05:00Dan Costahttps://www.sei.cmu.edu/blog/maturing-your-insider-threat-program-into-an-insider-risk-management-program/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Having trouble clearly stating the scope of your insider threat program? Struggling with measuring the program's effectiveness? Failing to provide actionable intelligence to the program stakeholders?...

2020-01-23T00:00:00-05:002020-01-23T00:00:00-05:00Mike Petockhttps://www.sei.cmu.edu/blog/anti-phishing-training-is-it-working-is-it-worth-it/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Phishing attacks target human, rather than technical, vulnerabilities. Some organizations, companies, government agencies, educational institutions, and individuals put on blinders....

2020-01-09T00:00:00-05:002020-01-09T00:00:00-05:00Alex Pickeringhttps://www.sei.cmu.edu/blog/technology-trends-in-data-exfiltration/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

One of our goals at the CERT National Insider Threat Center (NITC) is to monitor the shifting landscape of insider threat to identify tools and techniques....

2019-10-30T00:00:00-04:002019-10-30T00:00:00-04:00Matthew Trevorshttps://www.sei.cmu.edu/blog/mapping-cyber-hygiene-to-the-nist-cybersecurity-framework/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

In honor of Cybersecurity Awareness Month, I decided to put fingers to keys and share some basic practices that every organization should consider for their cyber hygiene initiatives....

2019-10-02T00:00:00-04:002019-10-02T00:00:00-04:00Nick Millerhttps://www.sei.cmu.edu/blog/insider-threat-incident-analysis-court-outcome-observations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

In the United States, legal cases may be tried in criminal court or civil court. According to data in the CERT National Insider Threat Center (NITC) incident corpus, the type of court makes a big difference....

2019-09-20T00:00:00-04:002019-09-20T00:00:00-04:00Dan Costahttps://www.sei.cmu.edu/blog/improving-insider-threat-detection-methods-through-software-engineering-principles/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updates

Tuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with....