INSIDE-R PROTECT®
Employees work within an increasingly fast-paced and technology-enabled world where they are asked to do more, faster than ever. There is a continued rise in the threat of sophisticated nation-state and domestic adversaries aggressively targeting trusted insiders. Organizations are searching for ways to innovatively protect their increasingly distributed and/or hybrid workforces. These factors contribute to the urgent challenge to manage insider risk more efficiently, particularly within critical infrastructure organizations.
To meet this need, The MITRE Corporation, a not-for-profit research and development organization that works in the public interest, has formed a public-private partnership program. Through a non-exclusive licensing agreement, MITRE will provide review and assessment services and conduct collaborative research to help critical infrastructure organizations of the Five Eyes intelligence alliance to elevate their Insider Risk Programs using behavioral sciences to deliver data-driven, community-oriented solutions. The MITRE Inside-R Protect® program was specifically designed to enable implementation of human-centric advanced insider risk deterrence, detection, and mitigation capabilities for evidence-based decision-making. Broadly, the program offers:
-
- Expert review of existing or planned insider risk programs
- An independent, data-driven, insider risk program analysis and support for self-assessments
- Continuous knowledge transfer and closed-door briefings on MITRE insider threat research and actual insider threat cases
There are two tiers of service offerings. “Tier 1– Insider Risk Program Review” engagement is designed for organizations in the early stages of planning, formalizing, or building an Insider Risk Program. The “Tier 2 – Data-Driven Insider Risk Program Analysis” engagement is designed for organizations with an active operational Insider Risk Program and are looking to grow or mature.
For Tier 1 – Insider Risk Program Review the MITRE Inside-R Protect® team will conduct a light-weight review of former, existing, or planned insider risk deterrence, detection, and mitigation efforts. The result of the review will be findings that identify and describe:
-
- Observations and high-level recommendations about existing deterrence, detection, and mitigation efforts
- Specific pain points to the building and growth of an Insider Risk Program
- Approaches to tackling misconceptions by key stakeholders about insider risk and Insider Risk Program development
- Approaches to help program advocates garner necessary executive and stakeholder support for current or planned Insider Risk Program
Tier 2 – Data-Driven Insider Risk Program Analysis engagement for organizations which already have an active operational Insider Risk Program. The MITRE Inside-R Protect® team will conduct a deep-dive review and analysis of former, existing, and planned insider risk deterrence, detection, and mitigation efforts. The result of the analysis will be findings that identify and describe:
-
- Data-driven and expertise-led recommendations to grow and mature the Insider Risk Program
- Prioritized gaps between existing detection implementations and data-driven leading practices in insider risk detection
- High priority use cases for insider risk deterrence and detection specific to the organization
- Organization-specific approaches to tackle misconceptions about insider risk and Insider Risk Program development
- Tailored strategies essential for advancing the program and continued operational success for the Insider Risk Program to use to advocate, influence, and gain support from stakeholders
- Identified pain points and strategies for making progress in managing those pain points
- Key areas where the organization could benefit from conducting scientific research with its own internal program data and information
“MITRE recognizes three fundamental challenges in insider threat,” said Dr. Deanna Caputo, MITRE’s Chief Scientist for Insider Threat Capabilities. “First, there is a lack of data-driven, behavior-based, and rigorous scientific evidence to understand these escalating risks. Second, there is an over-reliance on frameworks and security controls focused on addressing external cyber threats. And third, insights are being made from a small pool of case studies that lack sufficient detail. We feel that these challenges must be addressed immediately as a component of our mission to solve problems for a safer world. We needed to raise the bar.”
For more information or discuss your interest in Inside-R Protect®, please contact Dr. Deanna D. Caputo (dcaputo@mitre.org)
MITRE Inside-R Protect® is made available under a non-exclusive licensing agreement. Current partners include:
MITRE Inside-R Protect® in partnership with DTEX Systems. MITRE has formed a public-private partnership with DTEX Systems, the Workforce Cyber Intelligence & Security Company™. Under a non-exclusive licensing agreement, MITRE and DTEX Systems will provide review and assessment services and conduct collaborative research to help critical infrastructure organizations of the Five Eyes intelligence alliance to elevate their Insider Risk Programs using behavioral sciences to deliver data-driven, community-oriented solutions.
“Our research with MITRE found new human behavioral indicators and sequences that represent markers that appear in nearly every insider threat event,” said Mohan Koo, co-founder of DTEX Systems. “These indicators, in the hands of MITRE’s experts and scientists, and layered into our DTEX InTERCEPT(TM) platform, offer Five Eyes critical infrastructure entities an opportunity to identify and mitigate insider-born risks before data exfiltration, sabotage, and fraudulent behaviors result in permanent operational damage.” (Source: https://www.dtexsystems.com/press/mitre-dtex-partnership-insider-risk/)
For more details, please contact Dr. Deanna D. Caputo (dcaputo@mitre.org).