MITRE and DTEX SystemsTM, the Workforce Cyber Intelligence & Security CompanyTM, today announced a partnership to elevate insider risk awareness and human-informed cyber defense strategies through behavioral-based research and the launch of the MITRE Inside-R ProtectTM program.
Today’s employees work within a high-paced, technology-enabled world where they are asked to do more and do so faster than ever before. This workforce requirement, coupled with the rise in the threat of nation-state adversaries aggressively targeting trusted insiders, is driving a call to action within Five Eyes critical infrastructure organizations to manage insider risk more effectively while also protecting increasingly distributed and hybrid workforces.
“The risk to the critical infrastructure entities of the Five Eyes from insider threats is very real, and any compromise to the security of these entities will have a damaging and lasting impact to these nations’ economies and the safety of their citizens,” said Julie Bowen, MITRE’s senior vice president of operations and outreach and chief legal officer.
Under a non-exclusive licensing agreement, MITRE and DTEX will conduct collaborative research and deliver MITRE Inside-R Protectas a set of data-driven, community-oriented service offerings to help industry and government elevate their insider risk programs using behavioral sciences.
MITRE Inside-R Protect will offer Five Eyes critical infrastructure organizations the following service offerings:
Expert review of existing or planned insider risk programs,
An independent, data-driven, insider risk assessment and support for self-assessments, and
Continuous knowledge transfer and closed-door briefings on MITRE insider threat research and actual insider threat cases.
“MITRE recognizes three fundamental challenges in insider threat,” said Deanna Caputo, MITRE’s capability lead for insider threat. “First, there is a lack of data-driven, behavior-based, and rigorous scientific evidence to understand these escalating risks. Second, there is an over-reliance on frameworks and security controls focused on addressing external cyber threats. And third, insights are being made from a small pool of case studies that lack sufficient detail. We feel that these challenges must be addressed immediately as a component of our mission to solve problems for a safer world. We needed to raise the bar.”
MITRE and DTEX Systems, both members of the Australian Cyber Collaboration Centre (A3C), decided to elevate the conversation regarding insider risk in early 2020. Sponsored by the A3C, MITRE and DTEX conducted a data-driven study of the modern insider threat landscape that was completed in May of 2021. Researchers explored how remote workers searched, collected, and exfiltrated real data on a live corporate network, and how their behavior was affected by their intention (malicious vs. benign) and technical expertise (expertise agnostic vs. advanced technical expertise). The study, “Remote Worker Cyber Indicators of Malicious Insider Threat,” identified and differentiatedbehavioral characteristics of malicious users from those of benign users. The results revealed multiple cyber indicators of real-life, malicious, remote workers.
“Insider threats, whether the result of a malicious insider, a compromised user, or a negligent employee, represent one of the greatest risks to an organization’s brand, intellectual property, workforce, and supply chain,” said Mohan Koo, CTO and co-founder, DTEX Systems. “Our research with MITRE found new human behavioral indicators and sequences that represent markers that appear in nearly every insider threat event. These indicators, in the hands of MITRE’s experts and scientists, and layered into our DTEX InTERCEPTTM platform, offer Five Eyes critical infrastructure entities an opportunity to identify and mitigate insider-born risks before data exfiltration, sabotage, and fraudulent behaviors result in permanent operational damage.”
On February 24 at 1 pm ET, Bowen and Chris Folk, MITRE’s director of cyber partnerships and policy, will host a live briefing, “For the Greater Good: How Global Partnerships Address Emerging Human-Centric Risks and Improve Cyber Resiliency.” The exclusive briefing will take a deeper look into MITRE’s vision for the future of cybersecurity and explore the areas of possible partnership to address these common-good challenges. Included will be a brief overview of Inside-R Protect and a discussion of the opportunities available to government and private entities to develop data-driven approaches, conduct applied collaborative research, and deliver community-oriented frameworks, specialized review and assessment services, and other tools to address the challenges facing security teams and global leaders. Those interested in attending should visit https://www2.dtexsystems.com/for-the-greater-good to request an invitation.
MITRE has 15 years of experience leveraging and combining behavioral and technical sciences to help insider risk programs more effectively deter, detect, and mitigate insider threats. For more information about a potential partnership, Inside-R Protect, or licensing MITRE intellectual property, contact the MITRE Partnerships Office at firstname.lastname@example.org.