Insider Threats During Pandemic Conditions
Resources from the CERT National Insider Threat Center on the unique set of insider threat risks and strategies during pandemic conditions.
Software Engineering Institute
This collection of assets from the CERT National Insider Threat Center is intended to help organizations understand the special set of insider threat risks present during pandemic conditions. Many employees will be under unusual stress, such as loss of work and personal challenges, and abnormal working conditions, such as working from home. These factors, plus the technical challenges of a remote workforce, can contribute to increased unintentional and malicious insider incidents. Organizations can consult the assets in this collection for information on these risks and strategies for their mitigation.
In the Common Sense Guide to Mitigating Insider Threats, the following best practices are particularly relevant:
- Practice 5: Anticipate and manage negative issues in the work environment.
- Practice 8: Structure management and tasks to minimize insider stress and mistakes.
- Practice 9: Incorporate malicious and unintentional insider threat awareness into periodic security training for all employees.
- Practice 12: Deploy solutions for monitoring employee actions and correlating information from multiple data sources.
- Practice 13: Monitor and control remote access from all end points, including mobile devices.
- Practice 19: Close the doors to unauthorized data exfiltration.
- Practice 21: Adopt positive incentives to align the workforce with the organization.
The Insider Threat Blog also has relevant material:
Common Sense Guide to Mitigating Insider Threats, Sixth Edition
February 27, 2019 • Technical Report
By Michael C. Theis, Randall F. Trzeciak, Daniel L. Costa, Andrew P. Moore, Sarah Miller, Tracy Cassidy, William R. Claycomb
The guide presents recommendations for mitigating insider threat based on the CERT Division's continued research and analysis of more than 1,500 insider threat cases.read
Unintentional Insider Threats: A Foundational Study
August 1, 2013 • Technical Note
By CERT Insider Threat Team
In this report, the CERT Insider Threat team examines unintentional insider threat (UIT), a largely unrecognized problem.read
The Critical Role of Positive Incentives for Reducing Insider Threats
December 15, 2016 • Technical Report
By Andrew P. Moore, Jeff Savinda, Elizabeth A. Monaco, Jamie L. Moyes, Denise M. Rousseau (Carnegie Mellon University), Samuel J. Perl, Jennifer Cowley, Matthew L. Collins, Tracy Cassidy, Nathan VanHoudnos, Palma Buttles-Valdez, Daniel Bauer, Allison Parshall
This report describes how positive incentives complement traditional practices to provide a better balance for organizations' insider threat programs.read
Navigating the Insider Threat Tool Landscape: Low-Cost Technical Solutions to Jump-Start an Insider Threat Program
July 3, 2018 • White Paper
By Derrick Spooner, George Silowash, Daniel L. Costa, Michael J. Albrethsen
This paper explores low cost technical solutions that can help organizations prevent, detect, and respond to insider incidents.read