Software Engineering Institute

Michael Hanley

Software Engineering Institute

Michael Hanley is a member of the technical staff in the CERT Program, part of the Software Engineering Institute at Carnegie Mellon University. His research interests include insider threats, security metrics, digital forensics, and network security. Prior to joining the SEI, Michael was a technical leader for a remote system administration team working in a large manufacturing IT environment. During his tenure there, Michael was involved in testing and deploying new software, managing incidents, and supporting systems across the globe. He holds an MSc in Information Security Policy and Management from Carnegie Mellon University and a BA in Economics from Michigan State University.

Publications by Michael Hanley

A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders

April 01, 2012 • Technical Report

Andrew P. Moore Michael Hanley Dave Mundie

In this report, the authors present techniques for helping organizations plan, prepare, and implement means to mitigate insider theft of intellectual property.
read
Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination

October 01, 2011 • Technical Note

Michael Hanley Joji Montelibano

In this report, the authors present an insider threat pattern on how organizations can combat insider theft of intellectual property.
read
An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases

February 01, 2011 • Technical Note

Michael Hanley Tyler Dean Will Schroeder

In this report, the authors provide an overview of techniques used by malicious insiders to steal intellectual property.
read
Indicators and Controls for Mitigating Insider Threat

January 25, 2011 • Podcast

Michael Hanley Julia H. Allen

In this podcast, Michael Hanley explains how technical controls can be effective in helping to prevent, detect, and respond to insider crimes.
learn more
Deriving Candidate Technical Controls and Indicators of Insider Attack from Socio-Technical Models and Data

January 01, 2011 • Technical Note

Michael Hanley

In this 2011 report, Michael Hanley demonstrates how a method for modeling insider crimes can create candidate technical controls and indicators.
read
Spotlight On: Malicious Insiders with Ties to the Internet Underground Community

March 01, 2009 • White Paper

Michael Hanley Andrew P. Moore Dawn Cappelli

In this report, the authors focus on insider threat cases in which the insider had relationships with the internet underground community.
read