CERT Spotlight: Mitigating Threats from Within
http://www.cert.org/
Common Sense Guide to Mitigating Insider Threats, 4th Edition
CERT advisories have become a core component of US-CERT's Technical Cyber Security Alerts
Secure systems
Our research in cyber security engineering involves analyzing how susceptible systems are to sophisticated attacks and proposing better designs for such systems. We also develop techniques that enable us to predict future threats to the internet. The results of our research contribute to our work with network situational awareness. As part of this "operational" component, we are developing tools and techniques that will improve the ability for network administrators to identify what is happening on their networks. These tools and techniques include engineering solutions and research approaches for analyzing broad network activity. The goal is to quantitatively characterize threats and targeted intruder activity.
