CERT

about us
CERT, the home of the well-known CERT® Coordination Center, is located at Carnegie Mellon University's Software Engineering Institute. We study internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help you improve security.

CERT Spotlight: Mitigating Threats from Within

CERT Common Sense Guide to Mitigating Insider Threats Fourth Edition

An insider is anyone who has or had authorized access to an organization's network, system, or data. Current or former employees, contractors, and business partners are in a unique position to damage an organization's information systems, intellectual property, finances, and reputation. A recent survey reported that a quarter of electronic crimes with identifiable perpetrators were committed by insiders.

For a decade, the CERT Program has studied how to prevent, detect, and respond to insider threats. The recently published fourth edition of Common Sense Guide to Mitigating Insider Threats, sponsored by the Department of Homeland Security, updates and expands the CERT Insider Threat Center's recommendations for a broad range of organizational stakeholders.

For this edition, the CERT Insider Threat Center delved into its expanding database of more than 700 cases of insider threat. Based on this and other CERT research, the Common Sense Guide recommends 19 new or revised best practices for mitigating the insider threat. Team tables make it easy for members of different organizational groups, such as IT, software engineering, and human resources, to find and apply the most relevant practices. The guide also maps each practice to existing standards, lists implementation challenges for large and small organizations, and outlines quick wins and high-impact solutions.

Download Common Sense Guide to Mitigating Insider Threats, 4th Edition, or explore more of the CERT Insider Threat Center's work.

Announcements

June 11, 2013

New Podcast Released
Four experience reports demonstrate how the CERT Resilience Management Model can be applied to manage complex and diverse operational risks.

June 10, 2013

Call for Participation: HICSS-47 "Software Security for Mobile Platforms" Minitrack
This minitrack focuses on research and automation techniques that can be applied to mobile platforms to ensure that developed software on these devices is secure and does not compromise other system properties. If you would like to contribute to the minitrack, visit the HICSS-47 website or contact us.

June 4, 2013

New Blog Entry: The Risks of Microsoft Exchange Features that Use Oracle Outside In
This blog post describes the risks of using Microsoft Exchange features that use Oracle Outside In and what you can do about it.

Upcoming Events

CERT Symposium on Cyber Security Incident Management for Health Information Exchanges, June 26, 2013
The CERT Symposium on Cyber Security Incident Management for Health Information Exchanges on June 26, 2013 at Carnegie Mellon University in Pittsburgh will provide an opportunity to discuss cyber security challenges facing HIEs and will contribute to improving the state of practice. Visit the symposium site to register.

MTEM 2013, July 17-18, 2013
Attend the 2013 Malware Technical Exchange Meeting (MTEM) on July 17-18, 2013. At MTEM 2013, practitioners and researchers from government, FFRDCs, academia, and industry will present new work and discuss important problems in the area of malware. Hear keynote speakers and panels of experts, and participate in discussions with top professionals in reverse engineering, incident response, trends analysis, and research. Visit the MTEM site to register!