Media & Publications
Media
-
- Why Should You Manage Insider Threats Differently than APTs? | Cybersecurity Tribe
- MITRE Pushes to Launch New Insider Threat Framework | HackerNoon
- Managing Insider Threats is a Team Sport | The MITRE Corporation
- MITRE and DTEX Systems Announce Public-Private Partnership to Elevate Insider Risk Programs and Advance Human-Centric Security | The MITRE Corporation
- MITRE chooses South Australia as Home for First-Of-Its-Kind Applied Research Center for Space, Defense & Cybersecurity | The MITRE Corporation
- The People Closest to You Will Hurt You – CISO Series
- You used to build a wall to keep them out, but now hackers are destroying you from the inside: How do you keep data safe when the enemy has already breached your defences? | WIRED UK
- Washington Post (2014) “Federal agencies embrace new technology and strategies to find the enemy within.” by Christian Davenport
- Applying Behavioral Science to the Challenges of Cybersecurity | The MITRE Corporation
- The Human Factor: Using Behavioral Science to Counter Insider Threats | The MITRE Corporation
Publications
MITRE’s Insider Threat Team does not publish most research and program technical products developed. This is due to the sensitivities of the sponsors and programs, but also because we aim to ensure that we are not providing advantages to adversaries.
-
- Caputo, D.D. (2021). Insider Threats: Leveraging the Benefits of Behavioral Science Research. In: J. R. Meloy, & J. Hollman (eds.). International Handbook of Threat Assessment, Second Edition (pp.305-324). Oxford, UK: Oxford University Press.
- Waltermire, K., Conroy, T., Harriston, M., Irrechukwu, C., Krishnan, N., Doodson, J., et al. (2018). NIST Special Publication 1800-18: Privileged Account Management for the Financial Services Sector. National Institute of Standards and Technology, Gaithersburg MD.
- Burns, A.J., Johnson, M.E., & Caputo, D.D. (2018). Spear Phishing in a Barrel, Journal of Organizational Computing and Electronic Commerce.
- Moore, A.P. Cassidy, T.M, Theis, M.C., Bauer, D., Rousseau, D.M., & Moore, S.B. (2018). Balancing Organizational Incentives to Counter Insider Threat, 2018 IEEE Security and Privacy Workshops (SPW).
- Theis, M., Trzeciak, R., Costa, D., Moore, A., Miller, S., Cassidy, T., & Claycomb, W. (2019). Common Sense Guide to Mitigating Insider Threats, Sixth Edition (CMU/SEI-2018-TR-010).
- Watson, S.J., Taylor, P.J., Conchie, S.M., Doodson, J., & Jolley, D.R. (2017). Identifying Insider Attacks Through Language Change in an Immersive Police Operations Simulation. European Association of Psychology and Law, Mechelen, Belgium.
- Caputo, D.D., Pfleeger, S.L., Sasse A.M., Ammann, P., & Offutt, J. (2016). Barriers to Usable Security? Three Organizational Case Studies, IEEE Security and Privacy, Sept/Oct.
- Moore, A. P., Perl, S. J., Cowley, J., Collins, M. L., Cassidy, T. M., VanHoudnos, N., & Rousseau, D. M. (2016). The Critical Role of Positive Incentives for Reducing Insider Threats. (CMU/SEI).
- Collins, M., Theis, M., Trzeciak, R, Strozer, J., Clark, J., Costa, D., Cassidy, T., Albrethsen, M., & Moore, A. (2016). Common Sense Guide to Mitigating Insider Threats, Fifth Edition (CMU/SEI-2016-TR-015).
- Burger, J., & Caputo, D.D., (2015). The Low-Ball Compliance Procedure: A Meta-Analysis, Social Influence.
- Caputo, D.D., Pfleeger, S.L., Freeman, J., & Johnson, E. (2014). Going Spear Phishing: Testing Embedded Training and Awareness, IEEE Security and Privacy, Jan/Dec.
- Whitty, M., Doodson, J., Creese, S., & Hodges, D. (2015). Individual Differences in Cyber Security Behaviors: An Examination of Who is Sharing Passwords. Cyberpsychology, Behavior, and Social Networking, 18(1), 3-7.
- Pfleeger, S.L., Rogers, M, Bashir, M., Caine, K., Caputo, D.D., Losavio, M., & Stolfo, S. (2012). Does Profiling Make us More Secure? Profiling and Prediction Roundtable, IEEE Security & Privacy.
- Pfleeger, S.L, & Caputo, D.D., (2012). Leveraging Behavioral Science to Mitigate Cyber Security Risk: Areas with Potential and Demonstrated Relevance to Security, Computer and Security.
- Caputo, D.D., & Freeman, J., (2012). Leveraging Human Behavior to Reduce Cyber Security Risk: Spear Phishing Research Technical Components, Institute for Information Infrastructure Protection.
- Caputo, D.D., Maloof, M.A., &Stephens, G.D (Nov/Dec 2009). Detecting the Theft of Trade Secrets by Insiders: A Summary of MITRE Insider Threat Research, IEEE Security & Privacy, Nov/Dec.
- Caputo, D.D., Stephens, G.D., Stephenson, B., Cormier, M. & Kim, M (2008). An Empirical Approach to Identify Information Misuse by Insiders,” Recent Advances in Intrusion Detection, Lecture Notes in Computer Science, Volume 5230, Springer, pp. 402–403.
Presentations
-
- Keynote, ASCE Research Security Annual Seminar: “Introducing the Insider Risk Management Program Guidebook for Higher Education”, Dr. James Doodson, 2022
- Speaker, UARC/FFRDC Insider Threat Working Group: “Introducing the Insider Risk Management Program Guidebook for Higher Education”, Dr. James Doodson, 2022
- Speaker, ASCE Research Security Annual Seminar: “A Behavioral Study on Employee Reporting of Insider Risks: Recommendations for University Security Awareness Programs”, Dr. Deanna Caputo, 2022
- Speaker, ASCE Research Security Annual Seminar: “Researcher Risk Personas: A Tool for Department Chairs, Center Directors, and Deans”, Dr. W. Bryan Higgins, 2022
- Keynote, National Insider Threat Task Force (NITTF): “Economic Espionage: A Behavioral Study on Employee Reporting of Insider Risks”, Dr. Deanna Caputo, 2022
- Moderator, DSI Counter-Insider Threat Symposium: “Incorporating the Social and Behavioral Sciences (SBS) as a Foundational Pillar at Both the Enterprise and Component levels of Insider Threat Programs”, Dr. Deanna Caputo, 2021
- Panelist, DSI Counter-Insider Threat Symposium: “Incorporating the Social and Behavioral Sciences (SBS) as a Foundational Pillar at Both the Enterprise and Component levels of Insider Threat Programs”, Dr. James Doodson, 2021
- Speaker, FS-ISAC Insider Threat Working Group : “MITRE Insider Threat Capabilities”, Dr. Deanna Caputo, 2021
- Speaker, SANS Security Awareness Summit: “Economic Espionage-Employee Underreporting of Exposure to Real Security Incident”, Dr. Deanna Caputo, 2021
- Panelist, Australian Cyber Security Centre (A3C): “Uplifting Australia’s Cyber Resilience Senior Panel”, Dr. Deanna Caputo, 2021
- Keynote, DSI Counter-Insider Threat Symposium: “Remote-working and Insider Threat Risks”, Dr. Deanna Caputo, 2021
- Speaker, Securities Industry and Financial Markets Association (SIFMA): “MITRE Insider Threat Capabilities”, Dr. Deanna Caputo, 2021
- Speaker, Open-Source Insider Threat (OSIT) Financial Services Working Group: “MITRE Insider Threat Research Capabilities, “Dr. Deanna Caputo, 2021
- Keynote, International Information Systems Security Certification Consortium (ISC)2 RVA: “Leveraging the Benefits of Behavioral Science Research”, Dr. Deanna Caputo, 2021
- Speaker, Gartner CISO Research Board: “Applied Insider Threat Research”, Dr. Deanna Caputo, 2020
- Keynote, Australian C-InT Centre of Excellence Announced by Premier of South Australia: “State of the Art of Insider Threat Progress and Challenges”, Dr. Deanna Caputo, 2020
- Keynote, International Cybersecurity Forum (FIC) in Lille France: “Human Behavior and Social Engineering” opening for French Prime Minister, Dr. Deanna Caputo, 2020
- Keynote, DSI Insider Threat Symposium: “Leveraging Behavioral Science Research to Advance Insider Threat Programs”, Dr. Deanna Caputo, 2020
- Keynote, Center for Development of Security Excellence (CDSE) in Defense Counterintelligence and Security Agency (DCSA): “Frontline Employee Identification of Organization Insider Threat Vulnerabilities”, Dr. Deanna Caputo, 2019
- Keynote, Northern Virginia Technology Council (NVTC) Cybersecurity & Privacy Committee, Dr. Deanna Caputo, 2019
- Speaker, George Mason University Psybersecurity Workshop: “Supervisors as a Security Sensor: Developing Insider Risk Personas to Train Supervisors and Increase Reporting”, Dr. James Doodson, 2019
- Speaker, DSI Symposium on Insider Threat: “The Psychology of Insider Threats: Leveraging Behavioral Science to Mitigate Threats”, Dr. Deanna Caputo, 2019
- Speaker, FBI Insider Threat Symposium: “Technical Detection of Insider Workplace Violence”, Tracy Cassidy, 2018
- Speaker, American Fuel and Petroleum Refineries Annual Security Conference: “Saboteur, Spy, Scammer and Shooter: Insider Threat Considerations”, Tracy Cassidy, 2018
- Speaker, Association of Threat Assessment Professionals Threat Management Conference: “Saboteur, Spy, Scammer, and Shooter: Potential Indicators of Malicious Insider Threat”, Tracy Cassidy, 2018
- Speaker, Robert Morris University Young Professionals Organization: “Insider Threat Overview: Skills and Backgrounds of Insider Threat Professionals”, Tracy Cassidy, 2018
- Panelist, DSI Symposium on Insider Threat: “Behavioral Science Panel: Leveraging Advanced Analytics to Detect Behavioral Anomalies”, Dr. James Doodson, 2018
- Speaker, Women Leading Government Cybersecurity, Microsoft Azure, Dr. Deanna Caputo, 2018
- Panelist, DC Cyberweek, Defense Strategies Institute, Dr. Deanna Caputo, 2018
- Keynote, Commonwealth of Virginia IT Security Conference, Dr. Deanna Caputo, 2018
- Keynote, AMGEN Cybersecurity Awareness Month, Dr. Deanna Caputo, 2018, 2017, 2016
- Speaker, DCISE TechEx, Dr. Deanna Caputo, 2018
- Speaker, Asia Pacific Association of Threat Assessment Professionals (Singapore): “The Many Faces of Insider Threat”, Tracy Cassidy, 2017
- Keynote, National Governor’s Association National Summit: Meet the Threat: States Confront the Cyber Challenge, Dr. Deanna Caputo, 2017
- Program Committee, Computing Community Consortium, Visioning Workshop on Sociotechnical Cybersecurity, Dr. Deanna Caputo, 2016-2017
- Speaker, DOJ Insider Threat Behavioral and Technical Research Working Group, Dr. Deanna Caputo, 2017
- Speaker, SEMCACFE Annual Fraud Conference, Dr. Deanna Caputo, 2017
- Speaker, DCISE TechEx, Dr. Deanna Caputo, 2017
- Speaker, DOJ Insider Threat Behavioral and Technical Research Working Group, Dr. Deanna Caputo, 2016
- Speaker, MITRE Board of Trustees, Insider Threat Psychosocial Research: Project Slammer Dataset Analysis, Dr. Deanna Caputo, 2015
- Reviewer and Panelist, NSF Secure and Trustworthy Cyberspace, Dr. Deanna Caputo, 2014
- Presentation, NSF WATCH Talk, Dr. Deanna Caputo, 2014
- Lecturer, FBI National Academies: Operational Research Methods in Law Enforcement Class and Applied Criminology Class, Dr. Deanna Caputo, 2013 & 2014
- Presentation, National Research Council/National Academy of Sciences to present to the Committee on Future Research Goals and Directions for Foundational Science in Cybersecurity, Dr. Deanna Caputo, 2013
- Panelist, Behavioral science and insider threat SME for National Risk Estimate: Risks to U.S. Critical Infrastructure from Insider Threats, Dr. Deanna Caputo, 2012
- Panelist, Behavioral science and insider threat SME for DHS Insider Threat to U.S. Critical Infrastructure: an Exercise on Espionage, Dr. Deanna Caputo, 201
- Panelist, Insider Threat -The New Presidential Directive at FOSE, Dr. Deanna Caputo, 2012
- Panelist, Full day symposium at Hawaii International Conference on System Sciences (HICSS), Dr. Deanna Caputo, 2012
- Presentation, Half-day tutorial at IEEE Workshop on Information Forensics and Security (WIFS) in Brazil, Dr. Deanna Caputo, 2012
- Presentation, International Consortium of the Applied Behavioral Sciences (“ICABS”), Dr. Deanna Caputo, 2012
- Panelist, DHS National Initiative for Cybersecurity Education (NICE) Conference, Dr. Deanna Caputo, 2011
- Speaker, Financial Services Technology Consortium, Dr. Deanna Caputo, 2011
- Speaker, Cyber Security through a Behavioral Lens Workshop, Capital Hill, DC, Dr. Deanna Caputo, 2010
- Panelist, Congressional Panel Discussion on Cyber Security and Human Behavior: How to Protect Yourself and Your Computer, Dr. Deanna Caputo, 2009
- Presentation, National Academies Usability, Security, and Privacy of Computer Systems Workshop, Dr. Deanna Caputo, 2009
- Panelist, Senate Homeland Security Panel on Human Behavior and Cyber-Security, Dr. Deanna Caputo, 2008
- Speaker, The Malicious Exploitation of Information Systems: Preventing the Rise of the Insider Threat Conference, University College London, England, Dr. Deanna Caputo, 2008