• Home
  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Related Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact Us
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Login / Register

CSIAC

Cyber Security and Information Systems Information Analysis Center

  • Resources
    • Find Resources by Topic Tags
    • Cybersecurity Policy Chart
    • CSIAC Reports
    • Webinars
    • Podcasts
    • Cybersecurity Digest
    • Standards & Reference Docs
    • Journals
    • Certifications
    • Acronym DB
    • Cybersecurity Websites
  • Services
    • Free Technical Inquiry
    • Core Analysis Task (CAT) Program
    • Subject Matter Expert (SME) Network
    • Training
    • Contact
  • Community
    • Upcoming Events
    • Cybersecurity
    • Modeling & Simulation
    • Knowledge Management
    • Software Engineering
  • About
    • About the CSIAC
    • The CSIAC Team
    • Subject Matter Expert (SME) Support
    • DTIC’s IAC Program
    • DTIC’s R&E Gateway
    • DTIC STI Program
    • FAQs
  • Cybersecurity
  • Modeling & Simulation
  • Knowledge Management
  • Software Engineering
/ Insider Threat

Topic: Insider Threat

Insiders may have accounts giving them legitimate access to computer systems, with this access originally having been given to them to serve in the performance of their duties; these permissions could be abused to harm the organization. Insiders are often familiar with the organization's data and intellectual property as well as the methods that are in place to protect them. This makes it easier for the insider to circumvent any security controls of which they are aware. Physical proximity to data means that the insider does not need to hack into the organizational network through the outer perimeter by traversing firewalls; rather they are in the building already, often with direct access to the organization's internal network. Insider threats are harder to defend against than attacks from outsiders, since the insider already has legitimate access to the organization's information and assets.

According to the Center for Development of Security Excellence (CDSE), an insider threat is defined as “the likelihood, risk or potential that an insider will use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States or the organization.” Insider threats may include harm to contractor or program information to the extent that the information impacts the contractor or agency’s obligations to protect classified national security information.

Event

Insider Threat Virtual Security Conference

Posted: 09/02/2020 | Event Starts on Thursday, September 3rd 2020 at 10:00 AM and Ends on Thursday, September 3rd 2020 at 3:30 PM

The Defense Counterintelligence and Security Agency (DCSA), Center for Development of Security Excellence, welcomes you to the National Insider Threat Awareness Month (NITAM) 2020 Insider Threat Virtual Conference. The National Counterintelligence and Security Center, National Insider Threat Task Force, and Office of the Under Secretary of Defense Read More

Event

National Insider Threat Awareness Month

Posted: 09/01/2020 | Event Starts on Tuesday, September 1st 2020 at 12:00 AM and Ends on Wednesday, September 30th 2020 at 11:59 PM

September is National Insider Threat Awareness Month (NIATM), which is a collaborative effort between the National Counterintelligence and Security Center (NCSC), National Insider Threat Task Force (NITTF), Office of the Under Secretary of Defense Intelligence and Security (USD(I&S)), Department of Homeland Security (DHS), and Defense Counterintelligence Read More

Journal Article

Enduring, Fleeting, Future: A brief overview of current sentiment and emotional analysis, a look forward

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 2 - Cyber-As-Zoo: Multidisciplinary Cyber Struggle

Author: Dr. Wemlinger
Posted: 08/09/2018 | Leave a Comment

Introduction Sentiment and emotion analysis are critical tools in knowledge aggregation and interfacing with people. As we move from the industrial age, where wealth is measured in capital, into the information age, Barbara Endicott-Popovsky suggests that knowledge will be the new measure of wealth [1]. According to Addleson, knowledge management typically Read More

Journal Article

Detect, Contain and Control Cyberthreats

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 1 - Insider Threat and the Malicious Insider Threat

Author: Eric Cole, PhD
Posted: 05/09/2018 | Leave a Comment

Today, every organization is a target and attackers can compromise any organization. Large-scale compromises used to be a surprise, but now they are a reality that is often accepted. The means, methods and techniques that adversaries use to target and ultimately compromise organizations have caused a shift in mind-set. It is not a matter of if an attacker Read More

Journal Article

Offensive Intrusion Analysis: Uncovering Insiders with Threat Hunting and Active Defense

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 1 - Insider Threat and the Malicious Insider Threat

Author: Matt Hosburgh
Posted: 05/09/2018 | Leave a Comment

Today’s adversaries are advanced and more capable than ever before. Passive defensive tactics are no longer viable for pursuing these attackers. To compound the issue, the existence of an insider threat creates a challenging problem for the passive defender. One of the largest breaches of classified information was carried out by an insider. Months after the Read More

Journal Article

Accessing the Inaccessible: Incident Investigation in a World of Embedded Devices

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 1 - Insider Threat and the Malicious Insider Threat

Author: Eric Jodoin
Posted: 05/09/2018 | Leave a Comment

There are currently an estimated 4.9 billion embedded systems distributed worldwide. By 2020, that number is expected to have grown to 25 billion. Embedded system scan be found virtually everywhere, ranging from consumer products such as Smart TVs, Blu ray players, fridges, thermostats, smart phones, and many more household devices. They are also ubiquitous Read More

Journal Article

Compliant but not Secure: Why PCI-Certified Companies Are Being Breached

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 1 - Insider Threat and the Malicious Insider Threat

Author: Christian Moldes
Posted: 05/09/2018 | Leave a Comment

The Payment Card Industry published the Data Security Standard 11 years ago; however, criminals are still breaching companies and getting access to cardholder data. The number of security breaches in the past two years has increased considerably, even among the companies for which assessors deemed compliant. In this paper, the author conducts a detailed Read More

Journal Article

Extensions to Carnegie-Mellon University’s Malicious Insider Ontology to Model Human Error

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 1 - Insider Threat and the Malicious Insider Threat

Author: Dr. John W. Coffey
Posted: 05/09/2018 | Leave a Comment

Researchers at Carnegie-Mellon University have created an “Insider Threat Ontology” as a framework for knowledge representation and sharing of malicious insider cases. The ontology features rich constructs regarding people who take malicious actions to compromise or exploit cyber assets. However, modeling end-user error was outside the scope of the CMU work. Read More

Journal Article

Introduction: Insider Threat and the Malicious Insider Threat – Analyze. Deter. Discover. Prevent. Respond

Published in Journal of Cyber Security and Information Systems
Volume: 6 Number: 1 - Insider Threat and the Malicious Insider Threat

Authors: Roderick A. Nettles and Michael Weir
Posted: 05/09/2018 | Leave a Comment

Building a quarterly journal that spans broad topical and technical themes can be challenging, and the selection of articles for any one journal intimidating. Over the last five years CSIAC has published special issues on military research laboratories (Volume 5 Number 1; Volume 4 Number 1), focused in on particular relevant technical thrusts (i.e., Serious Read More

Journal Issue

Insider Threat and the Malicious Insider Threat

Journal of Cyber Security and Information Systems

Volume: 6 Number: 1
Posted: 05/09/2018

Analyze. Deter. Discover. Prevent. Respond. This issue of the CSIAC Journal presents five articles which represent different perspectives on Insider Threat and approaches to understand and remediate that threat. In this journal we are proud to identify and include work by two organizations with a long history of research and good counsel regarding Read More

Download PDF: CSIAC_Journal_V6N1_WEBVERSION.pdf
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »
Air Force Air Force Research Laboratory (AFRL) Artificial Intelligence (AI) Autonomy and Autonomous Systems Biometrics Cloud Computing Critical Infrastructure Protection (CIP) Cryptocurrency Cryptography Cyber Attack Cyber Legislation Cybersecurity Cybersecurity Awareness Month Cyber Supply Chain Cyberwarfare Cyber Workforce Data Breach Data Privacy Data Security Department of Defense (DoD) DoD Acquisition Lifecycle Encryption Industrial Control Systems (ICS) Insider Threat Internet of Things (IoT) Intrusion Detection Machine Learning (ML) Malware Microsoft Mobile Security National Institute of Standards and Technology (NIST) National Security Agency (NSA) Network Security Open Source Software Operational Technology (OT) Password Security Phishing Protecting Controlled Unclassified Information (CUI) Quantum Computing Ransomware Risk Management Framework (RMF) Software Assurance Software Development Vulnerability Workplace Security

sidebar

Blog Sidebar

Featured Content

The DoD Cybersecurity Policy Chart

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

Featured Subject Matter Expert (SME): Cully Patch

An internal CSIAC SME with a passion for learning, teaching, and supporting the warfighter, Mr. Cully Patch has been a member of the CSIAC staff for 5 years. Cully was instrumental in leading the development and instruction of an extensive course on DoD Cybersecurity Analysis and Reporting (DoDCAR) - a threat-based approach to addressing system cybersecurity. As a senior program manager for cybersecurity and intelligence, Mr. Patch has extensive experience in providing cybersecurity training and education to both university students and military operators. Cully is a retired US Air Force military officer with career accomplishments in the fields of research, Intelligence, cybersecurity operations, planning, and technical course instruction. CSIAC is honored to have Mr. Patch as a subject matter expert, where he leads teams of technologists through problem solving, training program development, scientific and technical information generation, and analysis of complex system requirements.

View SME's Contributed Content

CSIAC Report - Smart Cities, Smart Bases and Secure Cloud Architecture for Resiliency by Design

Integration of Smart City Technologies to create Smart Bases for DoD will require due diligence with respect to the security of the data produced by Internet of Things (IOT) and Industrial Internet of Things (IIOT). This will increase more so with the rollout of 5G and increased automation "at the edge". Commercially, data will be moving to the cloud first, and then stored for process improvement analysis by end-users. As such, implementation of Secure Cloud Architectures is a must. This report provides some use cases and a description of a risk based approach to cloud data security. Clear understanding, adaptation, and implementation of a secure cloud framework will provide the military the means to make progress in becoming a smart military.

Read the Report

CSIAC Journal - Data-Centric Environment: Rise of Internet-Based Modern Warfare “iWar”

CSIAC Journal Cover Volume 7 Number 4

This journal addresses a collection of modern security concerns that range from social media attacks and internet-connected devices to a hypothetical defense strategy for private sector entities.

Read the Journal

CSIAC Journal M&S Special Edition - M&S Applied Across Broad Spectrum Defense and Federal Endeavors

CSIAC Journal Cover Volume 7 Number 3

This Special Edition of the CSIAC Journal highlights a broad array of modeling and simulation contributions – whether in training, testing, experimentation, research, engineering, or other endeavors.

Read the Journal

CSIAC Journal - Resilient Industrial Control Systems (ICS) & Cyber Physical Systems (CPS)

CSIAC Journal Cover Volume 7 Number 2

This edition of the CSIAC Journal focuses on the topic of cybersecurity of Cyber-Physical Systems (CPS), particularly those that make up Critical Infrastructure (CI).

Read the Journal

Recent Video Podcasts

  • Cybersecurity Maturity Model Certification (CMMC): The Road to Compliance Series: The CSIAC Podcast
  • Deep Learning for Radio Frequency Target Classification Series: CSIAC Webinars
  • A Brief Side-by-Side Comparison Between C++ and Rust – Part 3 Series: Programming Language Comparisons
  • A Brief Side-by-Side Comparison Between C++ and Rust – Part 2 Series: Programming Language Comparisons
  • A Brief Side-by-Side Comparison Between C++ and Rust – Part 1 Series: Programming Language Comparisons
View all Podcasts

Upcoming Events

Mon 12

18th USENIX Symposium on Networked Systems Design and Implementation (NSDI)

April 12 - April 14
Boston MA
Organizer: USENIX
Tue 13

Identity Management Day

April 13
Organizer: Identity Defined Security Alliance (IDSA)
Thu 29

Data Connectors Phoenix Virtual Cybersecurity Summit

April 29
Organizer: Data Connectors
636-778-9495
May 17

SANS Purple Team Summit & Training 2021

May 17 - May 28
Organizer: SANS Institute
May 27

DockerCon LIVE 2021

May 27 @ 06:00 - 14:00 EDT
View all Events

Footer

CSIAC Products & Services

  • Free Technical Inquiry
  • Core Analysis Tasks (CATs)
  • Resources
  • Events Calendar
  • Frequently Asked Questions
  • Product Feedback Form

About CSIAC

The CSIAC is a DoD-sponsored Center of Excellence in the fields of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management & Information Sharing.Learn More

Contact Us

Phone:800-214-7921
Email:info@csiac.org
Address:   266 Genesee St.
Utica, NY 13502
Send us a Message
US Department of Defense Logo USD(R&E) Logo DTIC Logo DoD IACs Logo

Copyright 2012-2021, Quanterion Solutions Incorporated

Sitemap | Privacy Policy | Terms of Use | Accessibility Information
Accessibility / Section 508 | FOIA | Link Disclaimer | No Fear Act | Policy Memoranda | Privacy, Security & Copyright | Recovery Act | USA.Gov

This website uses cookies to provide our services and to improve your experience. By using this site, you consent to the use of our cookies. To read more about the use of our site, please click "Read More". Otherwise, click "Dismiss" to hide this notice. Dismiss Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT