CERT releases updated version of insider threat guidebook
- Published: Monday, 13 February 2017 09:15
The CERT Division of the Software Engineering Institute at Carnegie Mellon University has published the fifth edition of its ‘Common Sense Guide to Mitigating Insider Threats’. The guide describes 20 practices that organizations should implement across the enterprise to prevent and detect insider threats, as well as case studies of organizations that failed to do so.
Updates to the guide include:
- Reordering of best practices to better align with the development of insider threat programs;
- Recognizing the threat posed by non-malicious (accidental) insiders;
- Significant updates to best practices;
- One new practice
- New case studies for each best practice.
This edition of the guide also focuses on six groups within an organization: human resources, legal, physical security, data owners, information technology, and software engineering; and maps the relevant groups to each practice.Download the guide.