Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Technical Note

Pattern-Based Design of Insider Threat Programs

  • Abstract

    Despite the high impact of insider attacks, organizations struggle to implement effective insider threat programs. In addition to the mandate for all Department of Defense (DOD) and U.S. Government agencies to build such programs, approval of updates to the National Industrial Security Program Operating Manual regarding insider threat defense require thousands of contractors to have insider threat programs as part of their security defense. Unfortunately, according to the Insider Threat Task Force of the Intelligence and National Security Alliance (INSA) Cyber Council, many such organizations have no insider threat program in place, and most of the organizations that do have serious deficiencies. This report describes a pattern-based approach to designing insider threat programs that could, if further developed, provide a more systematic, targeted way of improving insider threat defense. 

  • Download

Cite This Report

SEI

Moore, Andrew; Collins, Matthew; Mundie, David; Ruefle, Robin; & McIntire, David. Pattern-Based Design of Insider Threat Programs. CMU/SEI-2014-TN-024. Software Engineering Institute, Carnegie Mellon University. 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=427417

IEEE

Moore. Andrew, Collins. Matthew, Mundie. David, Ruefle. Robin, and McIntire. David, "Pattern-Based Design of Insider Threat Programs," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2014-TN-024, 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=427417

APA

Moore, Andrew., Collins, Matthew., Mundie, David., Ruefle, Robin., & McIntire, David. (2014). Pattern-Based Design of Insider Threat Programs (CMU/SEI-2014-TN-024). Retrieved December 11, 2018, from the Software Engineering Institute, Carnegie Mellon University website: http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=427417

CHI

Andrew Moore, Matthew Collins, David Mundie, Robin Ruefle, & David McIntire. Pattern-Based Design of Insider Threat Programs (CMU/SEI-2014-TN-024). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2014. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=427417

MLA

Moore, Andrew., Collins, Matthew., Mundie, David., Ruefle, Robin., & McIntire, David. 2014. Pattern-Based Design of Insider Threat Programs (Technical Report CMU/SEI-2014-TN-024). Pittsburgh: Software Engineering Institute, Carnegie Mellon University. http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=427417

BibTex

@techreport{MoorePatternBasedDesign2014,
title={Pattern-Based Design of Insider Threat Programs},
author={Andrew Moore and Matthew Collins and David Mundie and Robin Ruefle and David McIntire},
year={2014},
number={CMU/SEI-2014-TN-024},
institution={Software Engineering Institute, Carnegie Mellon University},
address={Pittsburgh, PA},
url={http://resources.sei.cmu.edu/library/asset-view.cfm?AssetID=427417} }