The CERT Insider Threat Center
The CERT Insider Threat Center conducts empirical research and analysis to develop and transition socio-technical solutions to combat insider cyber threats. We have been doing research on this problem since 2001 in partnership with the Department of Defense, the Department of Homeland Security, the U.S. Secret Service, other federal agencies, the intelligence community, private industry, academia, and the vendor community.
The foundation of our work is our database of more than 700 insider threat cases. We use system dynamics modeling to characterize the nature of the insider threat problem, explore dynamic indicators of insider threat risk, and identify and experiment with administrative and technical controls for insider threat mitigation. The CERT insider threat lab provides a foundation to identify, tune, and package technical controls as an extension of our modeling efforts. We have developed an assessment framework based on the fraud, theft of intellectual property, and IT sabotage case data that we have used to help organizations identify their technical and nontechnical vulnerabilities to insider threats as well as executable countermeasures.
The CERT Insider Threat Center is uniquely positioned as a trusted broker to assist the community in the short term and through our ongoing research.
Our work consists of the following:
- Insider Threat Risk Assessments
- Case Analysis and Best Practices
- Modeling and Simulation
- Training Materials
- Virtual Interactive Simulation for Insider Threat Risk Management
- Insider Threats in the Software Development Lifecycle
- Annual eCrime Watch Survey
- Espionage Research
Learn more about our work.
|
|