Profile your insider threat mitigation
A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems.
—CERT Insider Threat Center
The Insider Data Threat Micro-Assessment is a high-level gap analysis that gives you a baseline reading against 19 insider-threat mitigation best practices, and provides insight in six different areas of insider threat mitigation:
- Human Resources (HR)
- Physical Security
- Data Owners
- Information Technology (IT) including Information Assurance (IA)
- Software Engineering
You do not have to be a security practitioner to perform this assessment. You just need to be able to consult with the responsible/knowledgeable parties in the six areas of insider threat mitigation listed above.
Small and medium size businesses often do not have dedicated security practitioners in the ranks of management. If that is the case with your organization, then performing a micro-assessment of your insider threat mitigation is likely of the highest importance.
The assessment questions and guidance information are based upon the Quick Win and High-Impact Solutions section of each best practice, as presented in the Common Sense Guide to Mitigating Insider Threats, 4th Edition, published by the CERT Insider Threat Center.
"Micro-Assessment Template – Insider Threat Mitigation," is based on "Common Sense Guide to Mitigating Insider Threats, 4th Edition" by George Silowash, Dawn Cappelli, Andrew P. Moore, Randall F. Trzeciak, Timothy J. Shimeall, and Lori Flynn, CMU/SEI-2012-TR-012, (c) 2012 Carnegie Mellon University; however, neither Carnegie Mellon University nor its Software Engineering Institute have reviewed this work and accordingly do not directly or indirectly endorse this work.
Insider Threat Mitigation Micro-Assessment
Micro-assessments are small, narrowly focused efforts done quickly as a light effort to provide actionable insight, usually performed by one or two people without the need to establish a budget or formally allocate personnel. The standard RBCS Micro-assessment Template has been modified to focus on Insider Threat to Critical Data.
This is not a full-blown insider threat risk assessment. It is a simple assessment that can be performed easily and that will give you the status of your organization's insider threat mitigation controls compared to 19 best practices for insider threat mitigation. Most organizations don't know, and can't report to management, exactly where they stand with regard to these best practices.
All organizations have some degree of insider threat.
From recent annual CyberSecurity Watch Surveys, conducted by the U.S. Secret Service, the CERT Insider Threat Center, and CSO Magazine: 43% of survey respondents had experienced at least one malicious, deliberate insider incident in 2010 (53% in 2011 and 2012).
Would you (or your senior management) like to know where your organization stands?
Use the Insider Threat Micro-Assessment to quickly determine the extent to which your organization has insider threat mitigation measures in place. This high-level assessment gives you a baseline reading against 19 insider-threat mitigation best practices, and provides insight in the six different areas of insider threat mitigation listed at the start of this article.