The insider threat provides a comprehensive examination of the current state-of-the-art in addressing it as it pertains to information technology systems. This SOAR provides an overview of how the insider threat is defined and viewed across the government, industry, and academia and discusses the different policy, technical, and procedural approaches being applied by each of these communities to address the threat. The SOAR also describes ongoing research meant to further our ability to limit or prevent insider attacks. Finally, the report presents a compendium of current state-of-the-art best practices that are being used in government and industry to mitigate the insider threat.
This report is unclassified but contains For Official Use Only information and, therefore, its distribution is limited to U.S. government and authorized contractors.