CERT Spotlight: Mitigating Threats from Within
An insider is anyone who has or had authorized access to an organization's network, system, or data. Current or former employees, contractors, and business partners are in a unique position to damage an organization's information systems, intellectual property, finances, and reputation. A recent survey reported that a quarter of electronic crimes with identifiable perpetrators were committed by insiders.
For a decade, the CERT Program has studied how to prevent, detect, and respond to insider threats. The recently published fourth edition of Common Sense Guide to Mitigating Insider Threats, sponsored by the Department of Homeland Security, updates and expands the CERT Insider Threat Center's recommendations for a broad range of organizational stakeholders.
For this edition, the CERT Insider Threat Center delved into its expanding database of more than 700 cases of insider threat. Based on this and other CERT research, the Common Sense Guide recommends 19 new or revised best practices for mitigating the insider threat. Team tables make it easy for members of different organizational groups, such as IT, software engineering, and human resources, to find and apply the most relevant practices. The guide also maps each practice to existing standards, lists implementation challenges for large and small organizations, and outlines quick wins and high-impact solutions.
Download Common Sense Guide to Mitigating Insider Threats, 4th Edition, or explore more of the CERT Insider Threat Center's work.
May 20, 2013
Technical Note on Foreign Involvement in Insider Intellectual Property Theft Released
May 9, 2013
New Podcast Released
May 8, 2013
New Blog Entry: Keep Calm and Deploy EMET