Carnegie Mellon University
Browse
- No file added yet -

Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector

Download (1.13 MB)
report
posted on 2014-07-01, 00:00 authored by CERT Insider Threat Team

The research documented in this report seeks to advance the understanding of the unintentional insider threat (UIT) that results from phishing and other social engineering cases, specifically those involving malicious software (malware). The research team collected and analyzed publicly reported phishing cases involving malware and performed an initial analysis of the industry sectors impacted by this type of incident. This report provides that analysis as well as case examples and potential recommendations for mitigating UITs stemming from phishing and other social engineering incidents. The report also compares security offices’ current practice of UIT monitoring to the current manufacturing and healthcare industries’ practice of tracking near misses of adverse events.

History

Date

2014-07-01

Usage metrics

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC