Insider Threat Research

The CERT Insider Threat Center is uniquely positioned as a trusted broker to directly assist the community in the short term as well as contribute long term through our ongoing research. CERT researchers also develop and conduct assessments and workshops and maintain a blog.

We have been researching insider threats since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. Some of this research includes

Much of our research draws on a database of hundreds of real insider threat cases we've collected from news media, industry reports, and other public sources. Once segmented and coded, the data drives anonymized, custom studies of many aspects of the insider threat problem.

The Insider Threat team collaborated with the U.S. Secret Service and CSO Magazine to conduct, analyze, and publish findings from an annual Cybersecurity Watch Survey. It was conducted to identify electronic crime fighting developments and techniques, including best practices and emerging trends.

Help Combat Insider Threats

The Insider Threat Center is always seeking new opportunities to understand and mitigate the insider threat.

Andrew Moore Discusses the Insider Threat Mitigation Project


William Claycomb Describes a Way to Improve Insider Threat Detection


Kurt Wallnau Details the Development of Insider Threat Cyberplays