CMU/SEI-2012-TR-012, 2012
Common Sense Guide to Mitigating Insider Threats - 4th Edition
technical-report
Authors
Silowash, G., Cappelli, D., Moore, A., Trzeciak, R., Shimeall, T.J., Flynn, L.
Identifiers
DOI: 10.21236/ADA585500
Report: CMU/SEI-2012-TR-012
Year
2012
Abstract
Insider threats are influenced by a combination of technical, behavioral, and organizational issues
and must be addressed by policies, procedures, and technologies. Accordingly, an organization’s
staff in management, human resources (HR), legal counsel, physical security, information
technology (IT), and information assurance (IA),1 as well as data owners and software engineers,
can all benefit from reading this guide. Decision makers across the enterprise should understand
the overall scope of the insider threat problem and communicate it to all the organization’s
employees. The CERT Program’s current analysis recognizes the following unique patterns of
insider threat behavior: intellectual property (IP) theft, IT sabotage, fraud, espionage, and
accidental insider threats. This guide focuses on IP theft, IT sabotage, and fraud. Organizations
can use this guide to efficiently inform and direct their mitigation of potential insider threats.
(CMU/SEI-2012-TR-012, 2012, xiii)
Links
Citation
Silowash, G., Cappelli, D., Moore, A., Trzeciak, R., Shimeall, T.J., Flynn, L., 2012. Common Sense Guide to Mitigating Insider Threats 4th Edition: (Technical Report No. CMU/SEI-2012-TR-012). Defense Technical Information Center, Fort Belvoir, VA. https://doi.org/10.21236/ADA585500
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.