August 10, 2016 at 10:18 am #19827
Not all security threats are external; some are internal. See the book “The CERT Guide to Insider Threats” on Amazon (4.3 out of 5 stars over 11 reviews), or at the publisher, Pearson (which also has the table of contents).
The authors of the book are from the Software Engineering Institute at Carnegie Mellon University, the CERT Insider Threat Center. To quote their description from their organization:
“At the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute (SEI), we are devoted to combatting cybersecurity issues. Our research has uncovered information that can help you identify potential and realized insider threats in your organization, institute ways to prevent them, and establish processes to deal with them if they do happen.
Our Mission: We enable effective insider threat programs by performing research, modeling, analysis, and outreach to define socio-technical best practices so that organizations are better able to deter, detect, and respond to evolving insider threats.”
Their Insider Threat Research includes:
“The CERT Insider Threat Center is uniquely positioned as a trusted broker to directly assist the community in the short term as well as contribute long term through our ongoing research. CERT researchers also develop and conduct assessments and workshops and maintain a blog.
We have been researching insider threats since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community. Some of this research includes:
- Collecting insider threat cases (now numbering over 1,000) and examining them from technical and behavioral perspectives
- Creating controls that can be used for preventing, detecting, and responding to insider incidents
- Analyzing cases helps private industry, government, and law enforcement better understand, detect, and possibly prevent harmful insider activity
- Formulating and publishing best practices for mitigating insider threats
- Identifying unique patterns of insider threat behavior, including intellectual property (IP) theft, IT sabotage, fraud, espionage, and unintentional insider incidents
- Combining modeling and simulation and empirical data to illustrate the complexity of the insider threat problem”

This topic was modified 1 year, 1 month ago by Greg Makowski.