3 Ways to Fight the Insider Threat

Tips to Help Prevent Malicious and Accidental Breaches
3 Ways to Fight the Insider Threat

Increasingly, social engineers target insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? Carnegie Mellon University's Dawn Cappelli offers tips.

See Also: Live Discussion | Securing Business Growth: The Road to 24/7 Threat Detection and Response

Cappelli, co-author of the new book The CERT Guide to Insider Threats, has studied insider crimes for over a decade. She sees the definition of "insider threat" evolving.

"We've been looking at malicious insiders," she says. "We define that as current or former employees, contractors, business partners - really, anyone who can get authorized access to your systems, your data, your network - and they intentionally misuse that access to do something bad.

But what about unintentional insider threats? "There are a lot of exploits that have happened this past year have been by external hackers that have used unintentional insiders to get into your network," she says. "We'd like to look at those [incidents] in the same way we've looked at malicious insiders all these years."

In an exclusive video interview recorded at RSA Conference 2012, Cappelli offers tips to combat insider crimes, including:

  • The need for a formal insider threat program;
  • How to leverage current technologies;
  • How to identify and protect your "crown jewels."

Cappelli, CISSP, is Technical Manager of the Insider Threat Center and the Enterprise Threat and Vulnerability Management team in the CERT Program at Carnegie Mellon University's Software Engineering Institute. Her team's mission is to assist organizations in improving their security posture and incident response capability by researching technical threat areas; developing information security assessment methods and techniques; and providing information, solutions and training for preventing, detecting, and responding to illicit activity. Her team members are domain experts in insider threat and incident response, and team capabilities include threat analysis and modeling; development of security metrics and assessment methodologies; and creation and delivery of training, courses, and workshops. Cappelli has 30 years of experience in software engineering, including programming, technical project management, information security, and research. She is often an invited speaker at national and international venues, is an adjunct professor in Carnegie Mellon's Heinz College of Public Policy and Management and is currently Vice-Chair for the CERT Computer Security Incident Handler Certification Advisory Board.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.