Questions? +1 (202) 335-3939 Login
Trusted News Since 1995
A service for military industry professionals · Sunday, December 16, 2018 · 471,282,372 Articles · 3+ Million Readers

Analyst Wins Top CIO Award For Insider Threat Detection Efforts

At U.S. Strategic Command in Omaha, Nebraska, a cyberthreat analyst busily monitors potential insider threats for the command’s top-secret, secret and classified networks.

Mariah Miller-Gordon, 25, the developer of the year-old program — called the Cyber Threat Analysis Risk Assessment Matrix — is preparing the matrix for use at other Defense Department organizations.

On Nov. 29, at the 2018 DOD Chief Information Officer Annual Awards for Cyber and Information Technology Excellence ceremony at the Pentagon, Miller-Gordon won an individual award for her work in developing a matrix aimed at identifying insider threats.

She credited a team effort in her division for the win, noting that her team identified the need for a system that documented and described “the whole threat profile of an individual and what it looks like to the command,” she said.

Quantifying Insider Threats

The matrix helps quantify insider threats, and in the first year of its use Stratcom has identified more than 250 potential insider threats, thanks to Miller-Gordon’s vision.

“The risk matrix came as a need to ... describe how it [insider threats] actually impacts the mission and how we quantify those things,” she said.

“You’ve got to know what’s valuable to the J-3 [operations], the J-5 [plans and policy], to safeguard that information. If you don’t know what the information does or doesn’t do, then you don’t know how it will impact the mission,” Miller-Gordon explained.

And, she added, quantifying is still a big challenge as her division moves forward.

“The matrix is important to stop insider threats because it’s not about [just] one thing somebody does,” Miller-Gordon said. “In the business of insider threats … it’s one small thing here, one small thing there, and it leads to a bigger mosaic. And the matrix is important because it helps us pictorially quantify that threat mosaic that somebody might have.”

“People go through tough times, life happens, and there’s that whole burden of existence, and it’s hard to say, ‘Oh, somebody has financial issues and they’re an insider threat because they need money and might sell secrets.’ That’s not always the case,” she said.

Connecting The Dots

But her division still has to know that indicator exists because otherwise there’s no way to progress to knowing if it’s a threat or not, Miller-Gordon added.

Looking at potential insider threats is a game of connect the dots, she noted.

And, “it’s as much tracking the insider threat as it is keeping the workforce healthy, whole and safe, and making sure people are protected,” Miller-Gordon said. “We’re almost like the protectors of the people inside the building [in addition to] trying to find the insider threat.”

Will the matrix someday be used departmentwide? It’s her understanding that it will, at some point.

“It really will be an asset to the DOD community at large as we start to move into understanding what the insider threat is; not just cyberwise, but also behaviorwise, and how those two integrate,” she said.

Powered by EIN Presswire
Distribution channels: Military Industry


EIN Presswire does not exercise editorial control over third-party content provided, uploaded, published, or distributed by users of EIN Presswire. We are a distributor, not a publisher, of 3rd party content. Such content may contain the views, opinions, statements, offers, and other material of the respective users, suppliers, participants, or authors.

Submit your press release