http://www.sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Insider Threaten-usMon, 03 Feb 2025 00:00:00 -0500https://www.sei.cmu.edu/blog/introducing-the-insider-incident-data-exchange-standard-iides/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCapturing and sharing information about insider incidents is a challenge. This post introduces the Insider Incident Data Exchange Standard (IIDES) schema for insider incident data collection.Austin WhisnantMon, 03 Feb 2025 00:00:00 -0500https://www.sei.cmu.edu/blog/introducing-the-insider-incident-data-exchange-standard-iides/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesInsider ThreatCyber Risk and Resilience Managementhttps://www.sei.cmu.edu/blog/the-top-10-blog-posts-of-2024/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post presents the top 10 most-visited posts of 2024, highlighting our work in software acquisition, artificial intelligence, large language models, secure coding, and more.Bill ScherlisMon, 06 Jan 2025 00:00:00 -0500https://www.sei.cmu.edu/blog/the-top-10-blog-posts-of-2024/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecure CodingInsider ThreatArtificial Intelligence EngineeringMachine LearningAI Engineering and Machine LearningAcquisition Transformationhttps://www.sei.cmu.edu/blog/potential-implications-of-the-california-consumer-privacy-act-ccpa-for-insider-risk-programs/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to mitigate concerns before the CCPA takes effect.Emily Kessel, Sarah Miller, Carrie GardnerMon, 31 May 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/potential-implications-of-the-california-consumer-privacy-act-ccpa-for-insider-risk-programs/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesRiskEnterprise Risk and Resilience ManagementInsider ThreatBest Practiceshttps://www.sei.cmu.edu/blog/benfords-law-potential-applications-insider-threat-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn how a mathematical law may help detect insider activity without the effort of traditional anomaly detection in this informative SEI Blog postEmily KesselThu, 17 Dec 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/benfords-law-potential-applications-insider-threat-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/insider-threat-incidents-assets-targeted-by-malicious-insiders/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post details CERT's new taxonomy for targeted assets in insider threat incidents and highlights their latest findings.Sarah MillerTue, 29 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incidents-assets-targeted-by-malicious-insiders/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/highlights-from-the-7th-annual-national-insider-threat-center-nitc-symposium-day-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post recaps the first day of the National Insider Threat Symposium, covering proactive approaches to reducing insider incidents.Dan Costa, Sarah MillerWed, 23 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/highlights-from-the-7th-annual-national-insider-threat-center-nitc-symposium-day-one/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/insider-threat-incidents-communication-channels/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn how to identify risk behaviors and detect insider threats with communication channel monitoring in this informative SEI Blog post.Sarah Miller, Alex PickeringThu, 17 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incidents-communication-channels/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/insider-threat-incidents-most-commonly-affected-devices/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn about the most common devices affected by insider threat incidents and their impact on insider risk management and incident response in this SEI Blog post.Sarah Miller, Alex PickeringThu, 10 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incidents-most-commonly-affected-devices/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/organizational-resilience-to-insider-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post explores the activities of the CERT National Insider Threat Center and offers strategies for operational resilience.Dan CostaThu, 03 Sep 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/organizational-resilience-to-insider-threats/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/functional-requirements-for-insider-threat-tool-testing/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBecause of the scope and scale of the insider threat, the SEI recommends that organizations adopt a use-case-based approach to insider risk mitigation....Bob Ditmore, Derrick SpoonerThu, 19 Mar 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/functional-requirements-for-insider-threat-tool-testing/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/maturing-your-insider-threat-program-into-an-insider-risk-management-program/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHaving trouble clearly stating the scope of your insider threat program? Struggling with measuring the program's effectiveness? Failing to provide actionable intelligence to the program stakeholders?...Dan CostaMon, 27 Jan 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/maturing-your-insider-threat-program-into-an-insider-risk-management-program/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/anti-phishing-training-is-it-working-is-it-worth-it/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesPhishing attacks target human, rather than technical, vulnerabilities. Some organizations, companies, government agencies, educational institutions, and individuals put on blinders....Mike PetockThu, 23 Jan 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/anti-phishing-training-is-it-working-is-it-worth-it/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesInsider ThreatBest Practices in Network Securityhttps://www.sei.cmu.edu/blog/technology-trends-in-data-exfiltration/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesOne of our goals at the CERT National Insider Threat Center (NITC) is to monitor the shifting landscape of insider threat to identify tools and techniques....Alex PickeringThu, 09 Jan 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/technology-trends-in-data-exfiltration/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/measuring-resilience-in-artificial-intelligence-and-machine-learning-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesArtificial intelligence (AI) and machine learning (ML) systems are quickly becoming integrated into a wide array of business and military operational environments....Alexander Petrilli, Shing-hon LauThu, 12 Dec 2019 00:00:00 -0500https://www.sei.cmu.edu/blog/measuring-resilience-in-artificial-intelligence-and-machine-learning-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesArtificial Intelligence EngineeringMission AssuranceInsider ThreatArtificial Intelligencehttps://www.sei.cmu.edu/blog/insider-threat-incident-analysis-court-outcome-observations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn the United States, legal cases may be tried in criminal court or civil court. According to data in the CERT National Insider Threat Center (NITC) incident corpus, the type of court makes a big difference....Nick MillerWed, 02 Oct 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/insider-threat-incident-analysis-court-outcome-observations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/improving-insider-threat-detection-methods-through-software-engineering-principles/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesTuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with....Dan CostaFri, 20 Sep 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/improving-insider-threat-detection-methods-through-software-engineering-principles/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesInsider ThreatSystem Verification and Validationhttps://www.sei.cmu.edu/blog/september-is-national-insider-threat-awareness-month/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSeptember 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center....Dan CostaWed, 04 Sep 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/september-is-national-insider-threat-awareness-month/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesInsider ThreatMission Assurancehttps://www.sei.cmu.edu/blog/patterns-and-trends-in-insider-threats-across-industry-sectors-part-9-of-9-insider-threats-across-industry-sectors/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn previous posts of our series analyzing and summarizing insider incidents across multiple sectors, we presented up-to-date statistics from the CERT National Insider Threat Center (NITC)....Dan CostaThu, 22 Aug 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/patterns-and-trends-in-insider-threats-across-industry-sectors-part-9-of-9-insider-threats-across-industry-sectors/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/cybersecurity-governance-part-1-5-fundamental-challenges/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMost organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems....Seth Swinton, Stephanie HedgesThu, 25 Jul 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/cybersecurity-governance-part-1-5-fundamental-challenges/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware and Information AssuranceMission AssuranceInsider Threathttps://www.sei.cmu.edu/blog/keeping-an-eye-out-for-positive-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesWe commonly think about risks having negative consequences. With each month bringing new cybersecurity threats, breaches, and vulnerabilities, sound risk management practices are necessary....Mary Beth ChrissisMon, 01 Jul 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/keeping-an-eye-out-for-positive-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMission AssuranceInsider Threat