Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

David McIntire
December 2018 - Technical Report Incident Management Capability Assessment

Topics: Incident Management

Managing incidents that threaten an organization's computer security is complex. The capabilities presented here provide a benchmark of incident management practices.

December 2014 - Technical Note Pattern-Based Design of Insider Threat Programs

Topics: Insider Threat

In this report, the authors describe a pattern-based approach to designing insider threat programs that could provide a better defense against insider threats.

August 2014 - Technical Report A Systematic Approach for Assessing Workforce Readiness

Topics: Incident Management

In this report, the authors present the Competency Lifecycle Roadmap and the readiness test development method, both used to maintain workforce readiness.

October 2013 - Conference Paper Four Insider IT Sabotage Mitigation Patterns and an Initial Effectiveness Analysis

Topics: Insider Threat

In this paper, the authors describe four patterns of insider IT sabotage mitigation and initial results from 46 relevant cases for pattern effectiveness.

March 2013 - Technical Note Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders

Topics: Insider Threat

In this report, the authors justify applying the pattern “Increased Review for Intellectual Property (IP) Theft by Departing Insiders.”

February 2013 - Technical Note The MAL: A Malware Analysis Lexicon

Topics: Incident Management

In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.

December 2012 - White Paper Chronological Examination of Insider Threat Sabotage: Preliminary Observations

Topics: Insider Threat

In this paper, the authors examine 15 cases of insider threat sabotage of IT systems to identify points in the attack time-line.

July 2012 - Special Report Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector

Topics: Insider Threat

In this report, the authors describe insights and risk indicators of malicious insider activity in the banking and finance sector.