Staying On Top
We don't often cite reference materials, but if you haven't seen it yet, the latest out of the Software Engineering Institute at Carnegie-Mellon Univeristy caught our eye:
April 10, 2019—The CERT National Insider Threat Center, part of the SEI’s CERT Division, has released the sixth edition of its Common Sense Guide to Mitigating Insider Threats. This edition reports the center’s new research on unintentional insider threats and workplace violence, alongside fresh insights on the primary categories of insider threat: intellectual property theft, information technology sabotage, fraud, and espionage. The report also expands its organizational practices for mitigating insider threats to include positive workforce incentives, and it maps these practices to recent standards and regulations.
Written for decision makers across an organization, the report is based on the CERT Division’s continued research and analysis of more than 1,500 insider threat incidents across public and private industries.
A major feature of the Common Sense Guide’s latest edition is a new insider threat best practice about providing positive incentives in the workforce.
The SEI.CMU download is worth your time as it gets into the "nuts & bolts" of the Insider Threatissues. Highly recommended reading, especially the case studies and 1,500 events analyzed.
Importantly, because it deals with "issues outside the server rooms" it compiles information that needs to be understood across your C-level and especially in HR and Training.
If your firm isn't certainthat it is cyber-security prepped, click here to get your free cyber-security assessment from Cyber-Armada. Cyber-insurance is all we do.