Insider Threat Vulnerability Assessments
To effectively mitigate the threats posed by trusted insiders, you must understand your organization’s susceptibility to those threats. The CERT Insider Threat Vulnerability Assessment helps you determine how prepared you are to prevent, detect, and respond to insider threats, should they appear in your organization.
The assessment takes a holistic approach to identifying threats by identifying your technical vulnerabilities, business process gaps, management issues, and your ability to effectively integrate behavioral analytics into your threat assessment process.
Our research has proven that the insider threat problem is complex; therefore, you need an approach that
- encompasses policies, practices, and technologies
- is empirically based yet adaptable to current trends and technologies
- focuses on prevention, detection, and response strategies
Our assessment toolset methodology, which is based on more than 1,000 insider threat incidents in our corpus, encompasses information technology, human resources, physical security, business processes, legal, management, contracting, and organizational issues. It merges technical, behavioral, process, and policy issues into a single, actionable framework.
Using the insider threat incident repository, we examine the problems from technical, behavioral, process, and policy perspectives to form an approach to help you develop strategies that prevent, detect, and respond to insider threats.
By asking us to perform an assessment on your organization, you take the first step in safeguarding your critical assets, gaining a better understanding of your vulnerability to insider threats, and managing the risks associated with them. The assessment results benefit everyone involved in the vulnerability assessment process and provide a measure of your organization’s preparedness to prevent, detect, and respond to the threats posed by insiders.
For the assessment, members of our insider threat center staff spend three to five days at your organization. During that time, we review documents, interview key personnel in your organization, and observe key processes and security issues. We sign a non-disclosure agreement to ensure that all collaborations remain confidential.
After the onsite visit, we provide you with a confidential report that contains the findings of the assessment to help you understand your exposure to insider threats along multiple vectors (technical, behavioral, process, and policy) and deliver a single, actionable framework to manage these issues and associated risks.
Other organizations have used their reports to
- identify and implement short-term tactical countermeasures
- guide their ongoing risk management process for implementing long-term, strategic countermeasures
- justify follow-up actions to key decision makers