http://www.cert.org/insider_threat/
Our insider threat research focuses on both technical and behavioral aspects of actual compromises. We produce models, reports, training, and tools to raise awareness of the risks of insider threat and to help identify the factors influencing an insider's decision to act, the indicators and precursors of malicious acts, and the countermeasures that will improve the survivability and resiliency of the organization.
Insiders can be current or former employees and contractors who have or had authorized access to their organization's system and networks who are familiar with internal policies, procedures, and technology and can exploit that knowledge to facilitate attacks and even collude with external attackers. Research conducted by CERT since 2001 has focused on gathering data about actual malicious insider acts, including espionage, IT sabotage, fraud, theft of confidential or proprietary information, and potential threats to our nation's critical infrastructures.
Insider Threat Study: Illicit Cyber Activity in the Government Sector (pdf) and Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector (pdf) have been released. These reports present the findings of research efforts to examine reported insider incidents within their respective sectors.
No comments:
Post a Comment