Published:  May 9, 2018

Insider Threat and the Malicious Insider Threat

Analyze. Deter. Discover. Prevent. Respond.

This issue of the CSIAC Journal presents five articles which represent different perspectives on Insider Threat and approaches to understand and remediate that threat.

In this journal we are proud to identify and include work by two organizations with a long history of research and good counsel regarding Insider Threat – the Software Engineering Institute (SEI) at Carnegie Mellon University and the SANS Technology Institute. The SANS Technology Institute is a preeminent graduate institution translating contemporary information security practice and scholarship into effective educational experiences as it develops technically-skilled leaders to strengthen enterprise and global information security.

In This Issue

Introduction: Insider Threat and the Malicious Insider Threat – Analyze. Deter. Discover. Prevent. Respond

Building a quarterly journal that spans broad topical and technical themes can be challenging, and the selection of articles for any one journal intimidating. Over the last five years CSIAC has published special issues on…

Extensions to Carnegie-Mellon University’s Malicious Insider Ontology to Model Human Error

Researchers at Carnegie-Mellon University have created an “Insider Threat Ontology” as a framework for knowledge representation and sharing of malicious insider cases. The ontology features rich constructs regarding people who take malicious actions to compromise or…

Detect, Contain and Control Cyberthreats

Today, every organization is a target and attackers can compromise any organization. Large-scale compromises used to be a surprise, but now they are a reality that is often accepted. The means, methods and techniques that…

Compliant but not Secure: Why PCI-Certified Companies Are Being Breached

The Payment Card Industry published the Data Security Standard 11 years ago; however, criminals are still breaching companies and getting access to cardholder data. The number of security breaches in the past two years has increased…

Accessing the Inaccessible: Incident Investigation in a World of Embedded Devices

There are currently an estimated 4.9 billion embedded systems distributed worldwide. By 2020, that number is expected to have grown to 25 billion. Embedded systems can be found virtually everywhere, ranging from consumer products such…

Offensive Intrusion Analysis: Uncovering Insiders with Threat Hunting and Active Defense

Today’s adversaries are advanced and more capable than ever before. Passive defensive tactics are no longer viable for pursuing these attackers. To compound the issue, the existence of an insider threat creates a challenging problem for…