Among 874 security incidents reported by companies to the Ponemon Institute for its 2016 Cost of Data Breach Study, 568 were caused by employee or contractor negligence and 191 were caused by malicious employees and criminals. Battling the insider threat is a focus today for all organizations.
We’ve created a categorized list of insider threat detection tools and resources to help you learn more and take action.
Groups with a dedicated or significant focus on insider threat research, detection, and prevention.
- CERT Insider Threat Center
- National Insider Threat Special Interest Group (NITSIG)
- Center for Internet Security
News and best practices from experts and vendors in the insider threat detection space.
- SEI Insider Threat Blog
- IT Security Central
- Dark Reading
- Ahead of the Threat
- The Insider Threat Man
- The Trusted and Valued Insider (Threat)
- Digital Guardian
Background and detailed advice to help you develop an insider threat program.
- Insider Threat Program: Your 90-Day Plan
- Insider Threat Prevention Complete Self-Assessment Guide
- Insider Threat: Prevention, Detection, Mitigation, and Deterrence
- Insider Threats (Cornell Studies in Security Affairs)
- Insider Threat: A Guide to Understanding, Detecting, and Defending Against the Enemy from Within
Detailed documentation on hundreds of insider threat cases.
We recently published a big list of cyber security conferences in 2018. Here are some conferences that focus solely on insider threat detection or include sessions on it.
- RSA Conference 2018
- SANS Security Awareness Summit 2018
- CyberThreat Summit 2018
- SecurIT 2018
- Insider Threat Summit 2018
Information and resources about insider threats in various industries.
- National Council of Information Sharing and Analysis Centers (ISACs)
- Government: Implementing an Effective Insider Threat Program
- Government: How to Build an Effective Insider Threat Program to Comply With the New NISPOM Mandate
- Finance: Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector
- Infrastructure: Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors
- Healthcare: Healthcare Case Study: Beating Cybercrime, Nation-states & Insider Threats
- Healthcare: Protenus Breach Barometer
Recent research findings regarding the extent of insider threats.
- 2017 Verizon Data Breach Investigations Report (DBIR)
- Defending Against the Wrong Enemy: 2017 SANS Insider Threat Survey
- 2018 Insider Threat Report
- Privileged User Abuse & The Insider Threat
- Inside Job: The Sequel – The 2017 Federal Insider Threat Report
- 2017 IBM X-Force Threat Intelligence Index
- 2017 Protenus Breach Barometer Report
Collections of resources to help you battle insider threats.
- Insider Threat Toolkit, Center for Development of Security Excellence
- CERT Insider Threat Test Datasets
Training resources aimed at educating the end user to prevent negligent insider attacks.
- SANS Security Awareness Training Solution
- 2017 Security Awareness Report
- Security Awareness Computer-Based Training Reviews
- Top 9 Free Phishing Simulators
Training: Insider Threat Hunters
Training resources aimed at educating the IT professional to detect and prevent insider threats.
- CERT Insider Threat Certificates and Training
- Cybersecurity Threats: Insider Threats
- CDSE Insider Threat Program Catalog
- NITTF Insider Threat Training
- SEI Building an Insider Threat Program
Vendors (Employee Monitoring Software)
Recent reviews of employee monitoring software packages that help detect and prevent insider threats.
Techniques and best practices to develop an insider threat program, monitor for threats, and mitigate threats.
- CERT Top 10 List for Winning the Battle Against Insider Threats
- CERT Common Sense Guide to Mitigating Insider Threats
- Predictive Techniques to Catch Insider Threats Before they Become Criminals
- Keeping Up with the Joneses: How Does Your Insider Threat Program Stack Up?
- A Field Guide to Insider Threat Helps Manage the Risk
- What a Relief – It Works! How to Build an Insider Threat Program in 1 Year
- Taking Action Against the Insider Threat
- Analytic Approaches to Detect Insider Threats
- A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders
- Combating the Insider Threat
- Model-Driven Insider Threat Control Selection and Deployment
- Positive Incentives for Reducing Insider Threat
- An Insider Threat Indicator Ontology
- Bridging the Gap: A Pragmatic Approach to Generating Insider Threat Data