Insider Threat Management

CERT: Insider Threat Resource

Share with your network!

CERT Insider Threat Center (SEI Carnegie Mellon University)

Insider Threat Tips is shifting gears this week focusing on a great insider threat resource, the CERT insider threat group. This organisation is spearheading the research efforts on insider threat and is a great place to expand your insider threat knowledge base.

TL;DR (Too Long Didn't read)

The CERT insider Threat Center is a great resource to leverage for all things insider threat . They have many publications, tools, training, stats, and best practice guides.

What is CERT?

Directly from CERT's website:

We were there for the first internet security incident and we’re still here more than 25 years later. Only now, we’ve expanded our expertise from incident response to a comprehensive, proactive approach to securing networked systems. The CERT Division is part of the Software Engineering Institute, which is based at Carnegie Mellon University. We are the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks and are a national asset in the field of cyber security.

The CERT Insider Threat Center is uniquely positioned as a trusted broker to directly assist the community in the short term as well as contribute long term through our ongoing research. CERT researchers also develop and conduct assessments and workshops and maintain a blog.

We have been researching insider threats since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community.

Some of CERT’s research includes:

Other great content from CERT:

Common Sense Guide to Mitigating Insider Threats, 5th Edition

The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)

The CERT Top 10 List for Winning the Battle Against Insider Threats (PowerPoint)

Insider Threat Resources – Sun never sets