Tuesday, June 28, 2016

20 Books: The CERT Guide to Insider Threats

This is part of a sub-series of postings based on the "20 Books Cybersecurity Professionals Should Read Now".

 The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud).  By Dawn Cappelli, Andrew Moore, Randall Trzeciak.  Addison-Wesley, 2012.

For those not aware, CERT is the Computer Emergency Response Team, a division within the Software Engineering Institute at Carnegie Mellon University.  It's a research group looking into various aspects of cybersecurity threats.  It often reports on new threats and alerts organizations about them so they can take action.  It was formed by a directive from DARPA in the wake of the Morris worm, which formed the CERT Coordination Center.

The CERT Insider Threat Center was started in 2001 and has done a lot of research in that area, with a large database of insider threat incidents.  The authors of this work are all senior members within that Center.  They bring together this depth of research to give practical guidance in addressing insider threats.

It's strange to think that the idea of insider threats has been around, yet it seems only recently that the average person seems aware of it.  I think that oftentimes this is a threat that many companies and organizations have tried to almost cover up.  Too often people think that the cybersecurity threats come from people and groups outside an organization: hackers and criminals trying to get in.  We don't want to worry that the threats can come from within, and so many try to almost obscure or cover it up.

This book is a great introduction to this matter, backed up by a lot of data and research thanks to the information they've gathered.

If you are interested in insider threats, consider this the book to start with.
