Did you know that cyberattacks from employees and other insiders is a common problem that you should be planning for and preventing?
Insiders pose a substantial threat to your organization because they have the knowledge and access to proprietary systems that allow them to bypass security measures through legitimate means.
The nature of insider threats is different from other cybersecurity challenges; these threats require a different strategy for preventing and addressing them.
At the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute (SEI), we are devoted to combatting cybersecurity issues.
(Learn More about the CERT Insider Threat Center. Courtesy of CMU SEI and YouTube)
Our research has uncovered information that can help you identify potential and realized insider threats in your organization, institute ways to prevent them, and establish processes to deal with them if they do happen.
The Guide describes 20 practices that organizations should implement across the enterprise to prevent and detect insider threats, as well as case studies of organizations that failed to do so.
“The new edition of the Guide comes at critical time for organizations developing insider threat programs,” said Randy Trzeciak, technical manager of the CERT Insider Threat Center.
“The insider threat landscape has changed considerably since the previous edition, especially with new directives that government and government-contractor organizations must follow.”