search menu icon-carat-right cmu-wordmark

Common Sense Guide to Mitigating Insider Threats, Sixth Edition

February 2019 Technical Report
Michael C. Theis, Randall F. Trzeciak, Daniel L. Costa, Andrew P. Moore, Sarah Miller, Tracy Cassidy, William R. Claycomb

The guide presents recommendations for mitigating insider threat based on the CERT Division's continued research and analysis of more than 1,500 insider threat cases.


Software Engineering Institute

CMU/SEI Report Number


DOI (Digital Object Identifier):


This sixth edition of the Common Sense Guide to Mitigating Insider Threats provides the current recommendations of the CERT Division (part of Carnegie Mellon University’s Software Engineering Institute), based on an expanded corpus of more than 1,500 insider threat cases and continued research and analysis. It introduces the topic of insider threats, describes its intended audience, outlines changes for this edition, defines insider threats, and outlines current trends. The guide then describes 21 practices that organizations should implement to prevent and detect insider threats, as well as case studies of organizations that failed to do so. Each practice includes challenges to implementation, quick wins, and high-impact solutions for small and large organizations. This edition also focuses on six groups within an organization—Human Resources, Legal Counsel, Physical Security, Data Owners, Information Technology, and Software Engineering—and maps relevant groups to each practice. The appendices provide a list of information security best practices, a mapping of the guide’s practices to established security standards, a breakdown of the practices by organizational group, and checklists of activities for each practice.