search menu icon-carat-right cmu-wordmark

Low Cost Technical Solutions to Jump Start an Insider Threat Program

December 2016 Technical Note
George Silowash, Derrick Spooner, Daniel L. Costa, Michael J. Albrethsen

This technical note explores free and low cost technical solutions to help organizations prevent, detect, and respond to malicious insiders.

Publisher:

Software Engineering Institute

CMU/SEI Report Number

CMU/SEI-2016-TN-004

Abstract

This technical note explores free and low cost technical solutions to help organizations prevent, detect, and respond to malicious insiders. The tools presented address the needs of organizations to have, at a minimum, user activity monitoring, data loss prevention, security information and event management, analytics, and a digital forensics and investigation capability. Implementing tools in all of these categories will help an organization have a successful insider threat program.