United States Secret Service: National Threat Assessment Center (NTAC)

National Threat Assessment Center - Insider Threat Study

In August 2004, the U.S. Secret Service and Carnegie Mellon University Software Engineering Institute's CERT® Coordination Center (CERT/CC) announced the findings of the first Insider Threat Study report, a collaborative effort to better understand insider activities affecting information systems and data in critical infrastructure sectors.

The first report focuses on the people who have had access to and have perpetrated harm using information systems in the banking and finance sector, which includes credit unions and financial institutions. This study, made possible by significant financial support from the Department of Homeland Security's Science and Technology Directorate, is the first of its kind to provide a comprehensive analysis of insider actions by analyzing both the behavioral and technical aspects of the threats.

The findings underscore the importance of organizations' technology, policies and procedures in securing their networks against insider threats, as most of the cases showcased in the report were perpetrated by insiders with minimal technical skills. Various proactive practices are among the suggestions offered by the report.

About the Insider Threat Study

The Insider Threat Study is one component of an ongoing partnership between the Secret Service's National Threat Assessment Center and the Software Engineering Institute's CERT® Coordination Center, , designed to develop information to help private industry, government, and law enforcement better understand, detect and ultimately prevent harmful insider activity.

The definition of an insider for this study includes current, former, or contract employees of an organization. The cases analyzed in the Insider Threat Study involve incidents in which an insider intentionally exceeded or misused an authorized level of system access in a manner that affected the organization's data, daily business operations, or system security, or involved other harm perpetrated via a computer.

For the Insider Threat Study, researchers from the Secret Service CERT/CC have focused on identifying the physical and online behaviors and communications that insiders engaged in before the incidents, as well as how the incidents were eventually executed, detected, and the insider identified. This approach addresses a broader phenomenon than previous studies on the topic of insider activity.

Insider Threat Study
Illicit Cyber Activity in the Banking and Finance Sector
pdf - 107 Kb
Press Release
U.S. Secret Service and CERT® Coordination Center Release Comprehensive Report Analyzing Insider Threats to Banking and Finance Sector
CERT® Coordination Center

About

»	Home
»	Mission
»	Director
»	History
»	Strategic Plan
»	Contact Information
»	Field Offices
»	Business Opportunities
»	FAQs
»	Kid's FAQs

Press Room

»	Advisories
»	Photos
»	Press Releases
»	FOIA
»	Information Quality
»	EEO Data Posted Pursuant to the No FEAR Act

Protection

»	Protective Mission
»	How Protection Works
»	Protective Research
»	Uniformed Division
»	National Special Security Events
»	National Threat Assessment Center

Investigations

»	Investigative Mission
»	Counterfeiting
»	Financial Crimes
»	Forensics
»	Know Your Money
»	Cyber Threat/Network Incident Reporting

Employment

»	Opportunities
»	Current Vacancies
»	Career Fairs
»	Application Forms

Partnerships

»	NPC 50
»	Boys and Girls Club Partnership
»	Center for Missing and Exploited Children

Search