What do you think?
Rate this book
The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)
Since 2001, the CERT® Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute (SEI) has collected and analyzed information about more than seven hundred insider cyber crimes, ranging from national security espionage to theft of trade secrets. The CERT® Guide to Insider Threats describes CERT’s findings in practical terms, offering specific guidance and countermeasures that can be immediately applied by executives, managers, security officers, and operational staff within any private, government, or military organization. The authors systematically address attacks by all types of malicious insiders, including current and former employees, contractors, business partners, outsourcers, and even cloud-computing vendors. They cover all major types of insider cyber IT sabotage, intellectual property theft, and fraud. For each, they present a crime profile describing how the crime tends to evolve over time, as well as motivations, attack methods, organizational issues, and precursor warnings that could have helped the organization prevent the incident or detect it earlier. Beyond identifying crucial patterns of suspicious behavior, the authors present concrete defensive measures for protecting both systems and data. This book also conveys the big picture of the insider threat problem over the complex interactions and unintended consequences of existing policies, practices, technology, insider mindsets, and organizational culture. Most important, it offers actionable recommendations for the entire organization, from executive management and board members to IT, data owners, HR, and legal departments. With this book, you will find out how to By implementing this book’s security practices, you will be incorporating protection mechanisms designed to resist the vast majority of malicious insider attacks.
432 pages, Hardcover
First published January 1, 2012
17 people are currently reading
185 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 4 of 4 reviews
December 15, 2017
Bit dated, but still useful.
June 3, 2016
Executive Summary
The authors have reviewed more than 700 cases of insider threat attacks and developed a comprehensive list of mitigation controls that might have prevented them. The book is not very well organized, but the content represents the authoritative source on precursor behavior that may illuminate potential insider attacks. In that regard, it is a must-read for cyber security professionals. What is clear from reading the book is that there is no technical solution that will prevent insider attacks. Technology can aid in discovery, but it is not a panacea; it will not prevent a determined inside attacker. A good program will accomplish four tasks:
1: Train employees and their managers to watch for the signs of potential insider threat behavior.
2: Provide the mechanisms across the organization to report and review the activity.
3: Establish and maintain the apparatus to report potential abuse and respond to incidents when necessary.
4: Mitigate the risk before any damage is done.
The key to the entire program is the human element, and that is why defending against the insider threat is hard.
Full review at http://bit.ly/1gDlUnt
The authors have reviewed more than 700 cases of insider threat attacks and developed a comprehensive list of mitigation controls that might have prevented them. The book is not very well organized, but the content represents the authoritative source on precursor behavior that may illuminate potential insider attacks. In that regard, it is a must-read for cyber security professionals. What is clear from reading the book is that there is no technical solution that will prevent insider attacks. Technology can aid in discovery, but it is not a panacea; it will not prevent a determined inside attacker. A good program will accomplish four tasks:
1: Train employees and their managers to watch for the signs of potential insider threat behavior.
2: Provide the mechanisms across the organization to report and review the activity.
3: Establish and maintain the apparatus to report potential abuse and respond to incidents when necessary.
4: Mitigate the risk before any damage is done.
The key to the entire program is the human element, and that is why defending against the insider threat is hard.
Full review at http://bit.ly/1gDlUnt
March 28, 2013
The book serves the purpose of providing data and statistics about the insider attack, and the behaviour we can expect from insiders. Makes good classifications of the cases it contains and educates the reader on the different kinds of insider attacks that he can expect. In my opinion the technical chapter could be a lot more technical, but helps demonstrating that easy to use, widespread tools can make a big difference. It can be a little repetitive with the cases and with the information, but it helps to make a good analysis and question yourself: can this happen to me?
July 7, 2012
The book is not good. It contains a lot of fear mongering, some ideas, but seems targeted mostly to clueless managers.
Displaying 1 - 4 of 4 reviews