Using centralized logging to mitigate Insider Threat

by George Chetcuti [Published on 12 June 2015 / Last Updated on 12 June 2015]

In this report, Michael Hanley and Joji Montelibano (for CERT Insider Threat Center), present an insider threat pattern on how organizations can combat insider theft of intellectual property.

The CERT Insider Threat Center, part of Carnegie Mellon University’s Software Engineering Institute, maintains a database of more than 600 insider threat cases.

Organizations must carefully consider employee communications during the time frame immediately preceding termination. Many insiders have stolen information within the 30 days prior to departure. Many of these thefts occurred via corporate email servers. A well-constructed rule set could be placed on a centralized logging application to identify suspicious mail traffic originating from soon-to-be-departing employees.

Read the full report here - http://resources.sei.cmu.edu/asset_files/TechnicalNote/2011_004_001_15368.pdf

Review and Comments

Register Now for Office365 CON - 2017 Online Conference!

Early registration is now open for Office365 CON 2017, the annual online gathering of IT Strategists, Microsoft MVPs and Messaging Technology Vendors. This convenient, annual online event is presented by TechGenix and MSExchange.org for the benefit of busy IT Professionals within the global Office 365 and MS Exchange communities.

Early registrants for this year's conference will also receive a Symantec White Paper: Top 5 SSL/TLS Attack Vectors: How they have impacted IT and how you can avoid them , as well as an invitation to join a special Conference Preview broadcast.

Time and Date: Thursday, March 23, 2017, starting at 10am EDT | 9am CDT | 7am PDT

Newsletter Subscription

WindowsNetworking.com Sections

Featured Freeware

Download Free TFTP Server. The most trusted on the planet by IT Pros

Using centralized logging to mitigate Insider Threat

See Also

Review and Comments

See Also