Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Conference Paper

Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector

  • July 2014
  • By Jeremy R. Strozer , Matthew L. Collins , Tracy Cassidy
  • In this paper, the authors provide documented research to advance the understanding of the unintentional insider threat (UIT) that results from phishing and other social engineering cases, specifically those involving malicious software (malware).
  • Insider Threat
  • Publisher: CERT
  • Abstract

    The research documented in this paper seeks to advance the understanding of the unintentional insider threat (UIT) that results from phishing and other social engineering cases, specifically those involving malicious software (malware). The research team collected and analyzed publicly reported phishing cases and performed an initial analysis of the industry sectors impacted by this type of incident. This paper provides that analysis as well as case examples and potential recommendations for mitigating UITs stemming from phishing and other social engineering incidents. The paper also compares security offices’ current practice of UIT monitoring in the current manufacturing and healthcare industries’ practice of tracking near misses of adverse events.

  • Download